*
User account is created in the Authentication menu of the Firebase
console by a system admin
*
On our Website, the user enters the email which was previously
provided to us (so, we created it in the cloud console)
*
Entered email is checked whether it is one of the
predefined emails/accounts that we already have under the Users menu
of the authentication tab.
If the email is one of the predefined ones, then we allow the validation to continue. Otherwise, we don't send validation email (So, we don't spam people whose email got eventually abused) and we don't create a new account in the system and we just return 403 error somehow.
On the website, the way we access Firestore is through the firebase-admin package:
//admin.js
const admin = require('firebase-admin');
admin.initializeApp();
const db = admin.firestore();
module.exports = { admin, db };
So, how can I achieve this behaviour and accomplish it in the most clean and robust way? I've bee using this repo as a starting point but it has no such restriction on predefined users and whatever email is entered in the form - email is sent to it.
0 comments:
Post a Comment
Thanks