Javascript 从 Firebase 中删除特定用户
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/38800414/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Delete a specific user from Firebase
提问by b4oshany
Is there a way I can get a specific user account from firebase and then delete it?
有没有办法可以从 firebase 获取特定用户帐户然后将其删除?
For instance:
例如:
// I need a means of getting a specific auth user.
var user = firebase.auth().getUser(uid);
// Note the getUser function is not an actual function.
After, I want to delete that user and their additional data:
之后,我想删除该用户及其附加数据:
// This works
user.delete().then(function() {
// User deleted.
var ref = firebase.database().ref(
"users/".concat(user.uid, "/")
);
ref.remove();
});
Firebase Documentationstates that users can be deleted if they are currently logged in:
Firebase 文档指出,如果用户当前已登录,则可以将其删除:
firebase.auth().currentUser.delete()
My aim is to allow logged in admin user to delete other users from the system.
我的目标是允许登录的管理员用户从系统中删除其他用户。
采纳答案by Frank van Puffelen
When using the client-side SDKs for Firebase Authentication, you can only delete the user account that is currently signed in. Anything else would be a huge security risk, as it would allow users of your app to delete each other's account.
使用客户端 SDK 进行 Firebase 身份验证时,您只能删除当前登录的用户帐户。其他任何事情都会带来巨大的安全风险,因为它会允许您的应用程序用户删除彼此的帐户。
The Admin SDKsfor Firebase Authentication are designed to be used in a trusted environment, such as your development machine, a server that you control, or Cloud Functions. Because they run in a trusted environment, they can perform certain operations that the client-side SDKs can't perform, such as deleting user accounts by simply knowing their UID.
Firebase 身份验证的Admin SDK旨在用于受信任的环境,例如您的开发机器、您控制的服务器或 Cloud Functions。因为它们运行在受信任的环境中,所以它们可以执行某些客户端 SDK 无法执行的操作,例如只需知道用户的 UID 即可删除用户帐户。
Also see:
另见:
Another common approach is to keep a whitelist/blacklist in for example the Firebase Database and authorize user based on that. See How to disable Signup in Firebase 3.x
另一种常见的方法是在 Firebase 数据库中保留一个白名单/黑名单,并根据它授权用户。请参阅如何在 Firebase 3.x 中禁用注册
回答by Rahul Parmar
Just apply this code same way that you have done authentication.
只需以与您进行身份验证相同的方式应用此代码。
var user = firebase.auth().currentUser;
user.delete().then(function() {
// User deleted.
}).catch(function(error) {
// An error happened.
});
回答by Ali Haider
npm i --save firebase-admin
import * as admin from "firebase-admin"
npm i --save firebase-admin
从“firebase-admin”导入 * 作为管理员
