I am trying to implement mandatory login for my website. The problem I am having is that I can't find a way to do so. Let's say I create a SignIn page like...
var uiConfig = {
signInSuccessUrl: '<url-to-redirect-to-on-success>',
signInOptions: [
firebase.auth.GoogleAuthProvider.PROVIDER_ID,
firebase.auth.FacebookAuthProvider.PROVIDER_ID,
firebase.auth.TwitterAuthProvider.PROVIDER_ID,
firebase.auth.GithubAuthProvider.PROVIDER_ID,
firebase.auth.EmailAuthProvider.PROVIDER_ID,
firebase.auth.PhoneAuthProvider.PROVIDER_ID
],
tosUrl: '<your-tos-url>'
};
var ui = new firebaseui.auth.AuthUI(firebase.auth());
ui.start('#firebaseui-auth-container', uiConfig);
</script>
..on a page called www.example.com/SignIn
If I go to www.example.com/Index
I could totally bypass all the signin.
I figured that something like this
if ( FirebaseUser.getCurrentUser () != null ) {
redirect to sign in page }
How ?
Thanks
Use onAuthStateChanged
listener on the www.example.com/Index
page:
firebase.auth().onAuthStateChanged(function(user) {
if (!user) {
window.location.assign('www.example.com/SignIn');
}
...
});
However, this is not the right way to enforce access control. You should enforce signed in access via either mechanism:
Also you can use session cookies to do so, depending on your site architecture. Firebase now, also provides the ability to mint longer term session cookies
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.