CODEWITHSUNDEEP
angularfirebasefirebase-authentication
LewBlu
LewBlu

Reputation: 240

Remove user from Firebase Auth

I am using the email/password auth from firebase to manage authentication to my angular application. I have created an admin panel to manage the users which based on CRUD to control the users on the app.

So far I have managed to create new users and user their localID to store additional information about that user such as name, age etc. in a real time database

The issue I have run into is when looking at the documentation for the firebase auth api (https://firebase.google.com/docs/reference/rest/auth#section-create-email-password) it refers to using the IdToken which is created when the current user if logged in. I want to be able to edit/delete a different user to the one that is currently logged in but I am unable to find anything in the documentation relating to this?

Any help is much appreciated if I am looking in the wrong place or any work around if not possible?

Upvotes: 0

Views: 401

Answers (1)

Louis Coulet
Louis Coulet

Reputation: 4601

It seems to be impossible to delete a user different from the currently logged in user from the client-side. Wouldn't it be dangerous otherwise?

What you could do instead:

  • create a Cloud Function, callable from client side,
  • within this function, check for permission,
  • and then delete the user using the admin SDK
exports.deleteUser = functions.https.onCall(async (data, context) => {
  const uidToDelete = data.uidToDelete;
  const uid = context.auth.uid;

  if(!canDelete(uid, uidToDelete))
    return "forbidden";  

  await admin.auth().deleteUser(uidToDelete);

  return "done";
});

This is described in the guides and in the reference.

Upvotes: 1

Related Questions