You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Since firebase function support blocking functions. I wish to have logic to set session claims or reject signin based on session context. Such as the current page or domain user currently used to signing in
Describe the solution you'd like
In client, I wish that the api auth().signInWithPopup and similar function should support adding custom parameter, such as
Then in the server api, I wish that the AuthEventContext parameter at the API functions.auth.user().beforeSignIn should have params value being set as the custom value
exports.checkClaimBeforeSignIn=functions.auth.user().beforeSignIn((user,context)=>{// get sessionClaims only in the page that set customKey as 1234if(context.params.customKey==1234){constdoc=awaitgetFirestore().collection("users").doc(user.uid).get();constadminLevel=doc.get("adminLevel");// get sessionClaims only in the page that set customKey as 1234if(adminLevel>0)return{sessionClaims: {adminLevel : doc.get("adminLevel")}};// reject access to admin pagethrownewError("Not admin");}});
I don't know any workaround that could utilize blocking function this ways, is it possible?
The text was updated successfully, but these errors were encountered:
I could use something like this as well.
In my use case I have two flows:
Login flow
Register flow
When using Apple or Google sign in, I would like to block new users from being able to use the login flow to create a new account. And existing users from logging in via the register flow.
Is your feature request related to a problem? Please describe.
Since firebase function support blocking functions. I wish to have logic to set session claims or reject signin based on session context. Such as the current page or domain user currently used to signing in
Describe the solution you'd like
In client, I wish that the api
auth().signInWithPopup
and similar function should support adding custom parameter, such asThen in the server api, I wish that the
AuthEventContext
parameter at the APIfunctions.auth.user().beforeSignIn
should haveparams
value being set as the custom valueI don't know any workaround that could utilize blocking function this ways, is it possible?
The text was updated successfully, but these errors were encountered: