I can successfully disable user accounts for a project from console (firebase web page) but how can a user from an applicative disable your own user account by code when he wants to do. Also, I don't find help in the new documentation of firebase.
我可以从控制台(firebase网页)成功禁用项目的用户帐户,但是应用程序中的用户如何在他想要的时候通过代码禁用您自己的用户帐户。另外,我在firebase的新文档中找不到帮助。
2 个解决方案
#1
8
This is a bit old to answer the question. But just for someone who looks for the same answer would get an idea from my answer.
回答这个问题有点老了。但只是寻找相同答案的人才能从我的答案中得到一个想法。
Using the Admin SDK
使用Admin SDK
Firebase admin (node.js)- which is not available for Mobile platform - has the ability to do the disabling/deleting the user by using the Admin SDK. To disable a user, set the disable attribute to TRUE.
Firebase管理员(node.js) - 不适用于移动平台 - 可以使用Admin SDK执行禁用/删除用户的功能。要禁用用户,请将disable属性设置为TRUE。
NOTE: Using the Admin SDK is not possible if your application is browser based application.
注意:如果您的应用程序是基于浏览器的应用程序,则无法使用Admin SDK。
Using the Realtime Database Rules
使用实时数据库规则
The other option is to restrict the user access (read/write) to database by setting Users table in realtime database. You can add a flag field (active) in that table for example:
另一个选项是通过在实时数据库中设置Users表来限制用户对数据库的访问(读/写)。您可以在该表中添加标志字段(活动),例如:
{
"users" : {
"3sFGw6zlr8VylNuvmCWd9xG1CQ43" : {
"active" : true,
"address" : "#123, City",
"createdBy" : "2016-12-20",
"mobile" : "xxxxxxx"
},
"posts" : {
}
}
In the above example - "3sFGw6zlr8VylNuvmCWd9xG1CQ43" is the uid generated by firebase authentication. This is the key to join this custom users table with firebase user profile. The active field can easily set true or false with normal database write operation.
在上面的例子中 - “3sFGw6zlr8VylNuvmCWd9xG1CQ43”是由firebase身份验证生成的uid。这是使用firebase用户配置文件加入此自定义用户表的关键。通过正常的数据库写操作,活动字段可以轻松设置true或false。
And this flag field will be used to check if this account has access to database records. See below for an example:
此标志字段将用于检查此帐户是否可以访问数据库记录。请参阅下面的示例:
{
"rules": {
".read": "auth !== null && root.child('users/' + auth.uid).child('active').val()==true",
".write": "auth !== null && root.child('users/' + auth.uid).child('active').val()==true",
}
}
This rule will check if user is logged in and has flag field active true. Otherwise, user will not be able to read or write to database. On the user login page, you can also check this flag field for logged in user and logout the user if active field is false, so that user will not be able to log in to system.
此规则将检查用户是否已登录并且标志字段是否为true。否则,用户将无法读取或写入数据库。在用户登录页面上,您还可以检查登录用户的此标志字段,如果活动字段为false,则注销用户,以便该用户无法登录系统。
EDIT: You can use Cloud Functions (Admin SDK) is available in there. Try to spare sometimes to read about Cloud Functions here. Firebase Cloud Functions is quite a useful tools for Realtime Database.
编辑:您可以使用云功能(Admin SDK)。尽量有时候在这里阅读有关云功能的信息。 Firebase Cloud Functions是实时数据库非常有用的工具。
#2
3
Response from firebase-support@google.com:
来自firebase-support@google.com的回复:
Thanks for reaching out. Sorry it took to so long to get back to you. Currently, there's no explicit API to disable a user's account. The existing workaround would be to implement a 'disable' flag for users that would allow you to disable/enable an account. Note that this flag would be stored and maintained in your Firebase database. You could use this in conjunction with security rules so that once an account is disabled, only metadata from admins can be written to the user account.
谢谢你伸出援手。对不起,花了这么长时间才回复你。目前,没有明确的API来禁用用户的帐户。现有的解决方法是为用户实现“禁用”标志,允许您禁用/启用帐户。请注意,此标记将存储在Firebase数据库中并进行维护。您可以将此与安全规则结合使用,以便在禁用帐户后,只能将管理员的元数据写入用户帐户。
#1
8
This is a bit old to answer the question. But just for someone who looks for the same answer would get an idea from my answer.
回答这个问题有点老了。但只是寻找相同答案的人才能从我的答案中得到一个想法。
Using the Admin SDK
使用Admin SDK
Firebase admin (node.js)- which is not available for Mobile platform - has the ability to do the disabling/deleting the user by using the Admin SDK. To disable a user, set the disable attribute to TRUE.
Firebase管理员(node.js) - 不适用于移动平台 - 可以使用Admin SDK执行禁用/删除用户的功能。要禁用用户,请将disable属性设置为TRUE。
NOTE: Using the Admin SDK is not possible if your application is browser based application.
注意:如果您的应用程序是基于浏览器的应用程序,则无法使用Admin SDK。
Using the Realtime Database Rules
使用实时数据库规则
The other option is to restrict the user access (read/write) to database by setting Users table in realtime database. You can add a flag field (active) in that table for example:
另一个选项是通过在实时数据库中设置Users表来限制用户对数据库的访问(读/写)。您可以在该表中添加标志字段(活动),例如:
{
"users" : {
"3sFGw6zlr8VylNuvmCWd9xG1CQ43" : {
"active" : true,
"address" : "#123, City",
"createdBy" : "2016-12-20",
"mobile" : "xxxxxxx"
},
"posts" : {
}
}
In the above example - "3sFGw6zlr8VylNuvmCWd9xG1CQ43" is the uid generated by firebase authentication. This is the key to join this custom users table with firebase user profile. The active field can easily set true or false with normal database write operation.
在上面的例子中 - “3sFGw6zlr8VylNuvmCWd9xG1CQ43”是由firebase身份验证生成的uid。这是使用firebase用户配置文件加入此自定义用户表的关键。通过正常的数据库写操作,活动字段可以轻松设置true或false。
And this flag field will be used to check if this account has access to database records. See below for an example:
此标志字段将用于检查此帐户是否可以访问数据库记录。请参阅下面的示例:
{
"rules": {
".read": "auth !== null && root.child('users/' + auth.uid).child('active').val()==true",
".write": "auth !== null && root.child('users/' + auth.uid).child('active').val()==true",
}
}
This rule will check if user is logged in and has flag field active true. Otherwise, user will not be able to read or write to database. On the user login page, you can also check this flag field for logged in user and logout the user if active field is false, so that user will not be able to log in to system.
此规则将检查用户是否已登录并且标志字段是否为true。否则,用户将无法读取或写入数据库。在用户登录页面上,您还可以检查登录用户的此标志字段,如果活动字段为false,则注销用户,以便该用户无法登录系统。
EDIT: You can use Cloud Functions (Admin SDK) is available in there. Try to spare sometimes to read about Cloud Functions here. Firebase Cloud Functions is quite a useful tools for Realtime Database.
编辑:您可以使用云功能(Admin SDK)。尽量有时候在这里阅读有关云功能的信息。 Firebase Cloud Functions是实时数据库非常有用的工具。
#2
3
Response from firebase-support@google.com:
来自firebase-support@google.com的回复:
Thanks for reaching out. Sorry it took to so long to get back to you. Currently, there's no explicit API to disable a user's account. The existing workaround would be to implement a 'disable' flag for users that would allow you to disable/enable an account. Note that this flag would be stored and maintained in your Firebase database. You could use this in conjunction with security rules so that once an account is disabled, only metadata from admins can be written to the user account.
谢谢你伸出援手。对不起,花了这么长时间才回复你。目前,没有明确的API来禁用用户的帐户。现有的解决方法是为用户实现“禁用”标志,允许您禁用/启用帐户。请注意,此标记将存储在Firebase数据库中并进行维护。您可以将此与安全规则结合使用,以便在禁用帐户后,只能将管理员的元数据写入用户帐户。