Reputation: 37
Whitelisting email domains in firebase
I am currently creating a iOS application that is targeted towards university students. For security purposes, the only method of registration is by using their university emails (with the respected email domains). However for that to happen, I need to white list specific domains so emails like [email protected] can not register/login.
Now there are two ways to do this, first I need to create an if statement when the user is registering/logging in by checking if the email text field contains the appropriate email domain (that is in the white-list) and the second thing I need to do is set firebase rules for reading and writing if the auth user has and email domain that ends with the specified white-listed domain.
So far I was able to do this for one email domain but if I am targeting 100 schools, I cant have 100 if statements in my code (well I can but it would be very inefficient). So I was hoping there would be a way to include a csv file in my Xcode project for it to read from as well as having a cvs file that the firebase rules can read from. If that is not the case. I was hoping I can create an internal list of the email domains.
Upvotes: 0
Views: 1037
Answers (1)
Reputation: 7546
Since the domains you want to whitelist are likely to change over time, I suggest you keep track of them outside of the app itself. If you're using Cloud Firestore, for example, you could keep a collection of domains that are whitelisted.
domains:
college.edu: {
someinfo: true,
// and so on
},
school.net: {
someinfo: false,
// etc
}
Then, when a user wants to sign up, instead of calling createUser from the client, pass the information in the body of a request to a server endpoint. This would be a good use case for Cloud Functions. Cloud Functions are available in Node.js, not Swift, so my example is written in JS.
exports.addMessage = functions.https.onCall((data, context) => {
const domain = data.domain; // or you could regex the domain from the email. I just didn't feel like doing that here
const email = data.email;
const password = data.password;
const domainRef = db.collection('domains').doc(domain);
return domainRef.get()
.then(doc => {
if (!doc.exists) {
console.log('No such document!');
} else {
console.log('Document data:', doc.data());
admin.auth().createUser({
email: email,
password: password,
})
.then(function(userRecord) {
// See the UserRecord reference doc for the contents of userRecord.
console.log('Successfully created new user:', userRecord.uid);
return {
success: true
};
})
.catch(function(error) {
console.log('Error creating new user:', error);
return {
error: error
};
});
}
})
.catch(err => {
console.log('Error getting document', err);
return {
error: error
};
});
});
In this example, I use the Firebase Admin Auth SDK to create a new user.
Upvotes: 1
Related Questions
- How to restrict email domains in Firebase Authentication
- Firebase Email Link Authentication - Restrict To Certain Domain(s)?
- Using a custom domain with Firebase OAuth authentication in Swift
- Firebase Domain Whitelist not working for sendEmailVerification
- How do I restrict user sign ups to only certain domains in Firebase?
- Restrict Firebase users by email
- How to allow user to access with any emailadress in firebase?
- Firebase not recognizing associated domains when using ActionCodesSettings with Auth.sendEmailVerification
- Firebase Authentication with whitelisted email addresses
- Swift 3: Determining if an email domain is valid with Firebase