I can successfully disable user accounts for a project from console (firebase web page) but how can a user from an applicative disable your own user account by code when he wants to do. Also, I don't find help in the new documentation of firebase.
There's no method to disable a user account from the Android client SDK. You have to use Firebase Admin SDK for this. You can also trigger this function when a Firebase user is created on Firebase Cloud Function.
If the user login with a custom "email/password" you don't know anything else about that user (apart from the unique user id). If a user login with Facebook, or with Google sign in, you can get other information like the profile picture url. It is explained here: firebase.google.com/docs/auth/android/… .
This is a bit old to answer the question. But just for someone who looks for the same answer would get an idea from my answer.
Using the Admin SDK
Firebase admin (node.js)- which is not available for Mobile platform - has the ability to do the disabling/deleting the user by using the Admin SDK. To disable a user, set the disable attribute to TRUE.
NOTE: Using the Admin SDK is not possible if your application is browser based application.
Using the Realtime Database Rules
The other option is to restrict the user access (read/write) to database by setting Users table in realtime database. You can add a flag field (active) in that table for example:
{
"users" : {
"3sFGw6zlr8VylNuvmCWd9xG1CQ43" : {
"active" : true,
"address" : "#123, City",
"createdBy" : "2016-12-20",
"mobile" : "xxxxxxx"
},
"posts" : {
}
}
In the above example - "3sFGw6zlr8VylNuvmCWd9xG1CQ43" is the uid generated by firebase authentication. This is the key to join this custom users table with firebase user profile. The active field can easily set true or false with normal database write operation.
And this flag field will be used to check if this account has access to database records. See below for an example:
{
"rules": {
".read": "auth !== null && root.child('users/' + auth.uid).child('active').val()==true",
".write": "auth !== null && root.child('users/' + auth.uid).child('active').val()==true",
}
}
This rule will check if user is logged in and has flag field active true. Otherwise, user will not be able to read or write to database. On the user login page, you can also check this flag field for logged in user and logout the user if active field is false, so that user will not be able to log in to system.
EDIT: You can use Cloud Functions (Admin SDK) is available in there. Try to spare sometimes to read about Cloud Functions here. Firebase Cloud Functions is quite a useful tools for Realtime Database.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With