问题
what im trying to do is to setup a role based authorization (reqular users and subscribed users) and based on roles users gets redirected to different screens. i am STUCK. ive tried different solutions and seen every tutorial there is out there about the concept. i understand how the concept works but having a realy hard time setting it up in my code. im not sure where to declare the subscribed users and how create the function and how to Navigate them! greatful for any help! this is how my code looks!
//this is my auth services
static void signUpUser(
BuildContext context, String name, String email, String password) async {
try {
AuthResult authResult = await _auth.createUserWithEmailAndPassword(
email: email,
password: password
);
FirebaseUser signedInUser = authResult.user;
if (signedInUser != null) {
_firestore.collection('/users').document(signedInUser.uid).setData({
'name': name,
'email': email,
'profileImageUrl': '',
});
//sign up page
final _formKey = GlobalKey<FormState>();
String _name, _email, _password;
_submit() {
if(_formKey.currentState.validate()){
_formKey.currentState.save();
AuthService.signUpUser(context, _name, _email, _password);
}
}
//my main.dart
Widget _getScreenId() {
return StreamBuilder<FirebaseUser>(
stream: FirebaseAuth.instance.onAuthStateChanged,
builder: (BuildContext context, snapshot) {
if (!snapshot.hasData) {
Provider.of<UserData>(context).currentUserId = snapshot.data.uid;
return LoginScreen();
} else {
return HomeScreen();
}
},
);
}
//user models import 'package:cloud_firestore/cloud_firestore.dart';
class User {
final String id;
final String name;
final String profileImageUrl;
final String email;
final String bio;
User({
this.id,
this.name,
this.profileImageUrl,
this.email,
this.bio
});
回答1:
The two most common places to store role information are:
- as a custom claim in the Firebase Authentication token for that user,
- in the database in a document associated with that user.
No matter which one you pick, you should be setting this role from within a trusted environment (your development machine, a server you control, or Cloud Functions) as otherwise anyone can change their own role.
Once set in either of these locations, you can access the role information in your client-side code, and navigate to the correct screen for that user.
Also see:
- this video on setting up role based access control in security rules
- How to create firebase admin user for authentication in java
- Administrator Views for a Firebase Web Application: How To
- how to make singups and signins with different group of users
来源:https://stackoverflow.com/questions/60616919/role-based-authorization-and-role-based-access-control-flutter