问题描述
我正在创建一个应该可以管理用户访问权限的应用程序.管理员应具有创建,删除和编辑用户帐户的权限.
I'm creating a app where I should be able of managing users access. The admin should have permissions of creating, deleting and editing users accounts.
我正在使用Firebase创建用户帐户.
I'm using firebase for creating users account.
现在,用户可以单独创建,编辑和删除他们的帐户,但是问题是管理员应该这样做,而不仅仅是用户.
Right now individually users can creating, editing and delete their accounts, but the problem is that the admin should do that, and not just the users.
import 'dart:async';
import 'package:firebase_auth/firebase_auth.dart';
import 'package:flutter/services.dart';
import 'package:google_sign_in/google_sign_in.dart';
class UserLoader {
final FirebaseAuth _auth = FirebaseAuth.instance;
final GoogleSignIn googleSIgnIn = new GoogleSignIn();
static final UserLoader _singleton = new UserLoader._internal();
FirebaseUser user;
factory UserLoader() {
return _singleton;
}
UserLoader._internal();
Future<FirebaseUser> signInWithEmailAndPassword(email, password) async {
if (user != null) return user;
_signInAnonymously().then((value) {
if (value != null) {
user = value;
}
}).catchError((e) {
return null;
});
if (user == null) {
FirebaseUser user = await _auth.signInWithEmailAndPassword(
email: email, password: password).catchError(
(onError)
{
print(onError);
});
return user;
} else {
return null;
}
}
Future<FirebaseUser> signInWithGoogle() async {
if (user != null) return user;
_signInAnonymously().then((value) {
if (value != null) {
user = value;
}
}).catchError((e) {
print(e.toString());
});
if (user == null) {
GoogleSignInAccount googleSignInAccount = await googleSIgnIn.signIn();
GoogleSignInAuthentication gSA = await googleSignInAccount.authentication;
FirebaseUser user = await _auth.signInWithGoogle(
idToken: gSA.idToken, accessToken: gSA.accessToken);
return user;
} else {
return null;
}
}
Future<FirebaseUser> _signInAnonymously() async {
if (user != null) return user;
user = await _auth.signInAnonymously();
return user;
}
Future signOut() async {
await _auth.signOut();
await googleSIgnIn.signOut();
user = null;
}
Future changePassword(email) async{
await _auth.sendPasswordResetEmail(email: email);
}
Future createNewUser(email){
_auth.createUserWithEmailAndPassword(email: email, password: "new_pass");
}
Future deleteUser(FirebaseUser firebaseUser){
firebaseUser.delete();
}
}
我认为Firebase Admin应该可以解决问题,但我不确定.
I think that Firebase Admin should do the trick but I'm not sure.
推荐答案
Firebase Admin SDK仅可用于受信任的环境,例如您的开发计算机,您控制的服务器或Firebase的Cloud Functions. (有意)不适用于客户端应用程序(例如,在Android或iOS上部署的客户端应用程序),无论是使用本机代码构建的应用程序,还是通过Flutter构建的应用程序,均不可用.
The Firebase Admin SDK is only available for use in trusted environments, such as your development machine, a server you control, or Cloud Functions for Firebase. It is (intentionally) not available for use in client-side apps, such as those deployed on Android or iOS, neither when you build those with native code, nor when you build them through Flutter.
唯一的选择是在受信任的环境中使用Admin SDK来实现所需的功能,并将端点公开给Flutter应用.如果最终这样做,请确保保护对端点的访问,以便只有应用程序的管理员用户才能访问它.有关如何使用Cloud Functions保护访问的示例,请参见此在函数样本回购中采样.
The only option is to implement the functionality you want with the Admin SDK in a trusted environment, and expose an end-point to your Flutter app. If you end up doing this, make sure to secure access to the end-point so that only the admin users of your app can access it. For an example of how to secure access with Cloud Functions, see this sample in the functions-samples repo.
这篇关于如何在Flutter中使用Firebase Admin SDK?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!