ios - Firebase permissions: Sign up with username and password -


i'd have users sign unique username , password (rather email + password). have working i:

sign up

  1. check if provided username exists

  2. if not, use firauth.auth()?.createuserwithemail , store username in db email, e.g.

    • users
      • qzqfzwxpdmfc0xmyiq5idar1bzr2
        • credentials
          • email: "myemail@gmail.com"
          • username: "myusername"
      • rjasdfasfasdad3dadaewdsdkdq3dk
        • credentials
          • email: "another@gmail.com"
          • username: ""another

sign in

  1. query db user associated username , use email address , use firauth.auth()?.signin(withemail: withemail log in

while approach work, i'm wondering how work firebase permissions?

in order email address associated username, i'm going have let all users access email address / username data, e.g.

{   "rules": {     ".read": true,     ".write": "auth != null"   } }

does mean 'hacker' email addresses of users have registered app? if so, there way securely?

well answer question if can data if rules set true: yes, can query every user when registered. not unless testing. write database rules: firebase database can access every data , check unique name you. simple example:

{   "allusernames": {     ".read": false,     ".write": "!data.exists() && newdata.exists()"   } }

when error in code, other words write failed, know username taken.


Comments

Post a Comment

Popular posts from this blog

Is there a better way to structure post methods in Class Based Views -

i'm using class based views in django , never specify url in ajax calls , omit action parameter in form because know these requests go through post method of class based view. notice view - profile page make many requests depending on user updating on page - post method become convoluted , if/else mess example: def post(self, request, *args, **kwargs): # handle user changing available date if request.post.get('availabledate') != none: self.updateavailabledate(request) return jsonresponse({'result':'success'}) if request.post.get('newprojectname') != none: creative_user = creativeuserprofile.objects.get(id = request.user.id) project = project.create_project(creative_user, request.post['newprojectname']) project.save() return jsonresponse({'projectid': project.id }) if request.post.get('projectimage') != none , request.files['file']: proj...
Read more

What is happening when Matlab is starting a "parallel pool"? -

running parallel cpu processes in matlab starts command parpool() according documentation , function: [creates] special job on pool of workers, , [connects] matlab client parallel pool. this function takes bit of time execute, on order of 30 seconds. in other multi-cpu paradigms openmp, parallel execution seems totally transparent -- i've never noticed behavior analogous matlab (granted i'm not experienced parallel programming). so, happening between time parpool() called , when finishes executing? takes long? parallel computing toolbox enables run matlab code in parallel using several different paradigms (e.g. jobs , tasks, parfor , spmd , parfeval , batch processing), , run either locally (parallelised across cores in local machine) or remotely (parallelised across machines in cluster - either 1 own, or 1 in cloud). in of these cases, code run on matlab workers , copies of matlab without interactive desktop. if you're intending run on remo...
Read more

php - Cannot override Laravel Spark authentication with own implementation -

during login process of laravel spark need request token of remote api. api stores exact same users , passwords laravel spark application. therefore need username , non hashed password of user during authentication process. i thought overriding authenticated method solution problem. in routes/web.php override post /login endpoint , pointing endpoint own logincontroller: <?php namespace app\http\controllers\auth; use illuminate\support\facades\log; use illuminate\http\request; use laravel\spark\http\controllers\auth\logincontroller sparklogincontroller; class logincontroller extends sparklogincontroller { /** * create new login controller instance. * * @return void */ public function __construct() { parent::__construct(); } /** * handle successful authentication attempt. * * @param request $request * @param \illuminate\contracts\auth\authenticatable $user * @return response */ public fu...
Read more