Is it possible to get the user of the firebase through the UID?

3

Doubt consists of the following problem:

I'm having a project using firebase and ionic 3. I am using the authentication mode via E-mail, where you have the email and UID stored.

For example: I have 2 registered users at the base.

1_ [email protected] UID = 123

2_ [email protected] UID = 321

In my code I have a message element that has the id of the submitter, for example:

Message 1 = description: "description", idUsername: "123"

I am logged in with the UID 321 user and want to retrieve the UID 123 user to view his email, how do I do that?

I did not want to store in the database of firebase, but since there is no other way, then someone would know how to create a registration screen that registers via email / password and stores that data in firebase. >

PS: I'm trying to use authentication via the user's token logged in to write to the database, but to do registration there is no token, so I'm not getting it.

It looks like this:

 return this.http
  .post(this.urlDataBase + email + '/user.json?auth=' + token, usuario)
  .map((response: Response) => {
    console.log(response);
    return response.json();
  });

But you are not saving on firebase, you are giving 400 error:

Response {_body: "{↵  "error" : "Invalid path: Invalid token in path"↵}↵", status: 400, ok: false, statusText: "Bad Request", headers: Headers, …}
    
asked by anonymous 03.07.2018 / 03:24

2 answers

3

As stated in the Link , it is not possible to read this Firebase directly, but there are a few other ways to do the validations so CRUD operations can be performed directly on the firebase.

When using email / password authentication in Firebase Authentication (previously known as Firebase SimpleLogin), your email and password combination is securely stored separately from the data actually stored in your Firebase.

This barrier between the data in your Firebase and your users' email / password hash combinations is by design: we want to make it easier for you to (1) develop your application, (2) prevent any accidental user credential leaks, and (3) still give you total flexibility with how to store your user data in Firebase.

* That means we only store the email address / password hash combination and nothing else, so it's up to you to decide how to store current user data in your Firebase. *

GOOGLE TRANSLATE

When using email / password authentication in Firebase Authentication (previously known as SimpleLogin Firebase), the user's email and password combination is stored securely separately from the data stored in Firebase.

This barrier between the data in your Firebase and the password / email hash combinations of the users is by design: we want to make it easier for you (1) to develop your application, (2) prevent any accidental leakage of user credentials, and 3) still offers total flexibility over how to store your user data in Firebase.

That means we only store the hash combination of email address / password and nothing else. So it's up to you to decide how to store actual user data in your Firebase.

Well you can get the user ID and store this data in your Firebase in a location like /users/$id and use Firebase Security Rules Language to determine read / write access to that data. The unique ID and email of your users is already in the auth variable that you will use when composing the rules.

Another alternative is

  • The application will enter an "Admin" access (read only and / or write [depending on the needs])
  • Get a list of Firebase users
  • Use the list to do the necessary validations

In this way you would be logged in and you could do the operations of creating user, updating data, delete a user, read users etc.

    
24.12.2018 / 19:33
1

I went through the same problem. There is no other way than to store this user's UID + information inside the Firestore / Real DataBase.

Firestore Authentication is actually an isolated user authentication service, as is the AWS Cognito where access information is stored within that service.

Looking for a little, I realized that I should store the user data (name, surname, email, city ...) and also the UID as a key.

The flow was basically:

1) The user registers in the application 2) Firestore Authentication generates a new authenticated 3) Automatically I create a new DOC within the Collection "User" having the ID identical to the UID generated within the FA.

Within the official forum of Firestore I found many people saying that this would not be "incorrect" because the UID of the user does not offer any possibility of access to the sensitive data and neither is one.

    
25.12.2018 / 21:09