Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How can I disable user accounts for a firebase project from code?

I can successfully disable user accounts for a project from console (firebase web page) but how can a user from an applicative disable your own user account by code when he wants to do. Also, I don't find help in the new documentation of firebase.

like image 951
Franklin Navia Avatar asked May 26 '16 16:05

Franklin Navia


People also ask

How to disable user from Firebase?

There's no method to disable a user account from the Android client SDK. You have to use Firebase Admin SDK for this. You can also trigger this function when a Firebase user is created on Firebase Cloud Function.

How can I get user details from Firebase?

If the user login with a custom "email/password" you don't know anything else about that user (apart from the unique user id). If a user login with Facebook, or with Google sign in, you can get other information like the profile picture url. It is explained here: firebase.google.com/docs/auth/android/… .


1 Answers

This is a bit old to answer the question. But just for someone who looks for the same answer would get an idea from my answer.

Using the Admin SDK

Firebase admin (node.js)- which is not available for Mobile platform - has the ability to do the disabling/deleting the user by using the Admin SDK. To disable a user, set the disable attribute to TRUE.

NOTE: Using the Admin SDK is not possible if your application is browser based application.

enter image description here

Using the Realtime Database Rules

The other option is to restrict the user access (read/write) to database by setting Users table in realtime database. You can add a flag field (active) in that table for example:

{
  "users" : {
    "3sFGw6zlr8VylNuvmCWd9xG1CQ43" : {
      "active" : true,
      "address" : "#123, City",
      "createdBy" : "2016-12-20",
      "mobile" : "xxxxxxx"
    },
    "posts" : {
    }
}

In the above example - "3sFGw6zlr8VylNuvmCWd9xG1CQ43" is the uid generated by firebase authentication. This is the key to join this custom users table with firebase user profile. The active field can easily set true or false with normal database write operation.

And this flag field will be used to check if this account has access to database records. See below for an example:

{
  "rules": {
    ".read": "auth !== null && root.child('users/' + auth.uid).child('active').val()==true",
    ".write": "auth !== null && root.child('users/' + auth.uid).child('active').val()==true",
  }
} 

This rule will check if user is logged in and has flag field active true. Otherwise, user will not be able to read or write to database. On the user login page, you can also check this flag field for logged in user and logout the user if active field is false, so that user will not be able to log in to system.

EDIT: You can use Cloud Functions (Admin SDK) is available in there. Try to spare sometimes to read about Cloud Functions here. Firebase Cloud Functions is quite a useful tools for Realtime Database.

like image 172
Sithu Avatar answered Sep 18 '22 19:09

Sithu