Lets say I have 2 platforms, android and web, linked to my database.
The android is for the users to access while the web is for the admins to access. Both web and android shows different information.
How can I prevent the users from logging in to the web and the admins from the app?
Extra info -the users information are store in /users/uid(firebase generated). While the admins information are not stored in the database.
答案 0 :(得分:0)
您无法限制此类登录。
成功登录后,检查用户是否为ADMIN。如果ADMIN允许访问内容,否则将重定向到错误页面,该页面显示" RESTRICTED ACCESS"
你可以反之亦然。成功登录后,如果ADMIN限制访问。
要保护数据库级别的数据,您必须执行firebase数据库规则。
您的数据库结构应如下所示:
|
--admins: ['Add admin emails here as an array'],
|
--adminContent: Put admin content here,
|
--userContent: Put user content here
您的数据库规则应为:
"adminContent": {
".read": "root.child('admins').val().contains(auth.email)",
".write": "root.child('admins').val().contains(auth.email)"
}
"userContent": {
".read": "!root.child('admins').val().contains(auth.email)",
".write": "!root.child('admins').val().contains(auth.email)"
}