Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do you block users on Firebase?

Tags:

firebase

firebase-authentication

firebase-security

I'm using Firebase for my app and was wondering how to block certain users. I see on the Auth tab of the console, there are "delete" and "disable" options. What do those do? I haven't been able to find documentation on that. Will one of those allow me to block a user?

What I mean by blocking a user is for the ".read": "auth != null" rule to prevent him from accessing data on the database

like image 359
Philip Sopher Avatar asked Jun 19 '16 15:06

Philip Sopher

People also ask

How do I remove a user from Firebase?

You can also delete users from the Authentication section of the Firebase console, on the Users page. Important: To delete a user, the user must have signed in recently. See Re-authenticate a user.

Does Firebase have security?

Firebase Security Rules work by matching a pattern against database paths, and then applying custom conditions to allow access to data at those paths. All Rules across Firebase products have a path-matching component and a conditional statement allowing read or write access.

1 Answers

The disable feature consist in preventing that user to authenticate. So if he tries to authenticate he will fail with error code INVALID_CREDENTIALS and he won't have access to the data that has the ".read": "auth != null" rule. It works like he is deleted but the admin still have the power to reactivate the user account.

If you want to build a list of "blocked users" that will be able to authenticate but will have restricted access, you can store the blocked ids in a node on your firebase database like /databaseRoot/blockedUsers and then work with the security and rules.

".read": "auth != null && !root.child('blockedUsers').hasChild(auth.uid)"

blockedUsers could look like the tree bellow but you could also add some other info under the userId such as the date this user was blocked.

/databaseRoot
    /blockedUsers
       userId1 : true
       userId2 : true

Adding the user to this list will depend on your necessity. You can do it manually by accessing the firebase console and adding the user id to the node. Or, if you want to block an user based on an event on the application, you could simply call something like

ref.child('blockedUsers').child(userIdToBlock).set(true);
like image 188
adolfosrs Avatar answered Sep 23 '22 22:09

adolfosrs
Sign in to Comment

Related questions

Firebase Web retrieve data
Firebase : Retrieve childByAutoID from Realtime Database
Sign in with different google account Firebase iOS
Cloud Functions for Firebase with custom HTTP path
Are Firebase Cloud Messaging (FCM) tokens unique?
FirebaseRemoteConfigFetchThrottledException ? #AskFirebase
firebase on Data Change is called multiple times in add value event listener
Getting response with status: 405. Method not allowed for URL with POST in Firebase
Link Phone Number with Facebook and Gmail account in Firebase on Web
How to query in a Flutter/FirebaseAnimatedList using buildArguments or anything else? (example please)
How to use Gradle in Unity
Firebase Hosting, disable HTTPS?
How to make lasting changes to config.xml in Ionic project
Firestore - Where exactly to put the @Exclude annotation?
Async/Await uploadTask
How do i open specific page in my flutter app when click the push notification
Firestore OrderBy and Where conflict
Access-Control-Allow-Origin added to firebase.json but missing from the file response header
Installing firebase with Cocoapods
How to deal with [NSDate] and Firebase

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!