how to make page not accessible to non Firebase Users?
I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.
Here is my JS code for login
login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();
const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
Here is my JS code for registering
if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));
//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
my main problem is how to keep no registered users away the pages that registered users are authorized for?
thank you
javascript firebase user-interface firebase-authentication
add a comment |
I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.
Here is my JS code for login
login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();
const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
Here is my JS code for registering
if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));
//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
my main problem is how to keep no registered users away the pages that registered users are authorized for?
thank you
javascript firebase user-interface firebase-authentication
1
If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security
– Frank van Puffelen
Nov 27 '18 at 1:56
@FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !
– user10247849
Nov 27 '18 at 1:57
From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746
– Frank van Puffelen
Nov 27 '18 at 3:15
add a comment |
I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.
Here is my JS code for login
login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();
const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
Here is my JS code for registering
if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));
//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
my main problem is how to keep no registered users away the pages that registered users are authorized for?
thank you
javascript firebase user-interface firebase-authentication
I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.
Here is my JS code for login
login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();
const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
Here is my JS code for registering
if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));
//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
my main problem is how to keep no registered users away the pages that registered users are authorized for?
thank you
javascript firebase user-interface firebase-authentication
javascript firebase user-interface firebase-authentication
edited Nov 27 '18 at 1:54
Frank van Puffelen
237k29382408
237k29382408
asked Nov 27 '18 at 1:53
user10247849
1
If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security
– Frank van Puffelen
Nov 27 '18 at 1:56
@FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !
– user10247849
Nov 27 '18 at 1:57
From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746
– Frank van Puffelen
Nov 27 '18 at 3:15
add a comment |
1
If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security
– Frank van Puffelen
Nov 27 '18 at 1:56
@FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !
– user10247849
Nov 27 '18 at 1:57
From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746
– Frank van Puffelen
Nov 27 '18 at 3:15
1
1
If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security
– Frank van Puffelen
Nov 27 '18 at 1:56
If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security
– Frank van Puffelen
Nov 27 '18 at 1:56
@FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !
– user10247849
Nov 27 '18 at 1:57
@FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !
– user10247849
Nov 27 '18 at 1:57
From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746
– Frank van Puffelen
Nov 27 '18 at 3:15
From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746
– Frank van Puffelen
Nov 27 '18 at 3:15
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53491653%2fhow-to-make-page-not-accessible-to-non-firebase-users%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53491653%2fhow-to-make-page-not-accessible-to-non-firebase-users%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security
– Frank van Puffelen
Nov 27 '18 at 1:56
@FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !
– user10247849
Nov 27 '18 at 1:57
From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746
– Frank van Puffelen
Nov 27 '18 at 3:15