I am setting up the Firebase Admin SDK in a NodeJS, Express API.
I have added an endpoint that allows me to create a user -
route.post('/create', (req, res) => {
const { email, password } = req.body
fbseAdmin.auth().createUser({ email, password })
.then((userRecord) => {
res.status(200).json({ userRecord })
})
})
What I would like to do however is ensure a user has roles so I can provide Authorisation checks on some services.
I do not understand how I can achieve this though? I was thinking perhaps I add an entry to the realtime database, something like -
users/uid/roles/<role name>: true
However I am not sure if I missing something. Also, if this is the case and I do need to do this, would I do this something like -
route.post('/create', (req, res) => {
const { email, password } = req.body
fbseAdmin.auth().createUser({ email, password })
.then((userRecord) => {
fbseAdmin.database()
.ref('users')
.child(`${userRecord.uid}/roles`)
.set({
admin: true
})
res.status(200).json({ userRecord })
})
})
This seems a little brittle to say the least.
Also, as this entry isn't part of the user object, I would need to look up in the realtime db everytime I want to verify this? Is that correct?
You should look at how to set a custom claim against a user .
route.post('/create', (req, res) => {
const { email, password } = req.body
fbseAdmin.auth().createUser({ email, password })
.then((userRecord) => {
fbseAdmin.auth().setCustomUserClaims(userRecord.uid, { admin: true })
.then(() => {
res.status(200).json({ userRecord })
})
})
})
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.