Skip to content

Instantly share code, notes, and snippets.

@zachary-russell

zachary-russell/auth-check.js

Last active June 2, 2020 14:46
Show Gist options
  • Save zachary-russell/4c4eb5e3fdb86581bb0b373519cf38a5 to your computer and use it in GitHub Desktop.
Save zachary-russell/4c4eb5e3fdb86581bb0b373519cf38a5 to your computer and use it in GitHub Desktop.
Download ZIP
Firestore Security Rules
Raw
auth-check.js
import * as firebase from "firebase/app";
import { db } from "./db";
import "firebase/auth";
/**
* Check if the account used for login is valid
*
* @returns {Promise}
*/
function validAccountCheck() {
const user = firebase.auth().currentUser;
return db
.collection("Employees")
.doc(user.uid)
.set(
{
displayName: user.displayName,
email: user.email,
photoURL: user.photoURL
},
{
merge: true
}
)
.then(() => true)
.catch(err => {
// Not a white-listed domain
console.log(err);
return false;
});
}
export { validAccountCheck };
Raw
firestore-security.js
service cloud.firestore {
match /databases/{database}/documents {
function validAccount(userEmail){
return userEmail.split('@')[1] == 'example.com' || userEmail.split('@')[1] == 'othersite.com';
}
match /Employees {
match /{userId}{
allow read: if request.auth != null && validAccount(request.auth.token.email);
allow write: if request.auth.uid == userId /// Avoid editing another person's profile
&& validAccount(request.auth.token.email);
}
}
match /{document=**} {
allow read, write: if request.auth.uid != null && validAccount(request.auth.token.email);
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment