CODEWITHSUNDEEP
javascriptcssreactjsfirebaseauthentication
Anonymous
Anonymous

Reputation: 91

React-Firebase Authentication

I am having a react application with firebase as authentication. My authentication code is below

await firebase.auth().onAuthStateChanged((user) => {
                if (user) {
                    props.setUser(user); //setting the user if login/register happens
                    history.push(`/admin/dashboard`);
                    console.log("user",user)
                } else {
                    props.setUser(null); //blocks the user to get into the app if he/she is not logged in
                    history.push("/");
                }
            });

So, when user logs in..he will be navigated to /admin/dashboard. suppose when am in /admin/home and when i refresh the page, it goes again to admin/dashboard which shouldn't happen. so I tried history.push(${props.location.pathname}); it works correctly after the refresh, it stays on the same page when the application is logged in. but when I restart the server again when I try to log in, it says no redirect url is specified. Got stuck on this for a long time.. Any help is welcome.Thanks

Upvotes: 0

Views: 133

Answers (1)

Kleysley
Kleysley

Reputation: 573

What your code does is check if the user is logged in and only let the user access the data if so.

You should do that in the fireabse rules (= serverside) as this is way more secure. You didn't provide the kind of FirebaseDB you are using. So assuming you use the Realtime Database here are some according rules:

{
    “rules”: {
        “.read”: “auth != null”,
        “.write”: “auth != null”
    }
}

You should maybe check the rules before deploying your app, because now every authenticated user can change/add/delete data, but you get the point. This does exactly what you want so you won't even need to perform a check in your ReactJS App. Firebase will automatically deny unauthenticated users the access to the database.

Btw: You should try to implement security relevant things in the Firebase Rules. Ideally you want your rules to be written in a way that you don't need to perform any validation inside your ReactJS app. Firebase rules can get quite complex. I experienced that myself when writing a chat app with chatrooms and everything. But it is definitly worth the effort if your app is more secure after.

Upvotes: 1

Related Questions