You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Since firebase function support blocking functions. I wish to have logic to set session claims or reject signin based on session context. Such as the current page or domain user currently used to signing in
Describe the solution you'd like
In client, I wish that the api auth().signInWithPopup and similar function should support adding custom parameter, such as
Then in the server api, I wish that the AuthEventContext parameter at the API functions.auth.user().beforeSignIn should have params value being set as the custom value
exports.checkClaimBeforeSignIn=functions.auth.user().beforeSignIn((user,context)=>{// get sessionClaims only in the page that set customKey as 1234if(context.params.customKey==1234){constdoc=awaitgetFirestore().collection("users").doc(user.uid).get();constadminLevel=doc.get("adminLevel");// get sessionClaims only in the page that set customKey as 1234if(adminLevel>0)return{sessionClaims: {adminLevel : doc.get("adminLevel")}};// reject access to admin pagethrownewError("Not admin");}});
I don't know any workaround that could utilize blocking function this ways, is it possible?
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Since firebase function support blocking functions. I wish to have logic to set session claims or reject signin based on session context. Such as the current page or domain user currently used to signing in
Describe the solution you'd like
In client, I wish that the api
auth().signInWithPopup
and similar function should support adding custom parameter, such asThen in the server api, I wish that the
AuthEventContext
parameter at the APIfunctions.auth.user().beforeSignIn
should haveparams
value being set as the custom valueI don't know any workaround that could utilize blocking function this ways, is it possible?
The text was updated successfully, but these errors were encountered: