Manage two types of users FIREBASE auth + REACTJS

Question

I'm making a system that have a users and admins, Admins could do unique things like ("delete users/access to admin dashboard ecc...").

For the frontend I'm using ReactJs, for the authentication I use firebase auth (that store the authentication info of users) and for the users data I have an Express API that saves the data in a PostgreSql db.

So when a new user is registering the email and password are saved in firebase auth, and the other data such Name,Lastname,address ecc... will be stored in PostgreSQl db where every user is identified from the unique UID that firebase provide after register.

Below a small diagram that show how the register system works

The admins will be registered manually and in PostgreSql I have a table called Admins that will store the extra data for admins (is similar of users data, but with more attributes).

But my question now is, how I check in my frontend if the current logged user is admin or normal user??

Maybe checking after login if the uid of the user logged is in the Admins postgreSql table? But this will be too expensive in terms of excecution right??? because every page reload or similar I have to repeat the check with the backend. Because firebase manage the users and admins in the same way, only my backend knows if the user is admin or not.

Anyone know if there is a good solution to handle this situation??

Thanks! Davide.

Answer 1

It's probably best to use Firebase Admin's 'setCustomUserClaims' function to add to a new administrator's auth token. You could add something like "admin":true. Then, when a user authenticates, your frontend code can check if that token exists. Here's a link to Firebase's guide on doing exactly this: https://firebase.google.com/docs/auth/admin/custom-claims