how to make page not accessible to non Firebase Users?












0















I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.



Here is my JS code for login



login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();

const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});

firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})


Here is my JS code for registering



if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));

//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}

});

firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})


my main problem is how to keep no registered users away the pages that registered users are authorized for?



thank you










share|improve this question




















  • 1





    If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security

    – Frank van Puffelen
    Nov 27 '18 at 1:56











  • @FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !

    – user10247849
    Nov 27 '18 at 1:57











  • From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746

    – Frank van Puffelen
    Nov 27 '18 at 3:15
















0















I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.



Here is my JS code for login



login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();

const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});

firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})


Here is my JS code for registering



if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));

//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}

});

firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})


my main problem is how to keep no registered users away the pages that registered users are authorized for?



thank you










share|improve this question




















  • 1





    If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security

    – Frank van Puffelen
    Nov 27 '18 at 1:56











  • @FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !

    – user10247849
    Nov 27 '18 at 1:57











  • From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746

    – Frank van Puffelen
    Nov 27 '18 at 3:15














0












0








0


1






I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.



Here is my JS code for login



login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();

const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});

firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})


Here is my JS code for registering



if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));

//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}

});

firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})


my main problem is how to keep no registered users away the pages that registered users are authorized for?



thank you










share|improve this question
















I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.



Here is my JS code for login



login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();

const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});

firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})


Here is my JS code for registering



if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));

//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}

});

firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})


my main problem is how to keep no registered users away the pages that registered users are authorized for?



thank you







javascript firebase user-interface firebase-authentication






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 27 '18 at 1:54









Frank van Puffelen

237k29382408




237k29382408










asked Nov 27 '18 at 1:53







user10247849















  • 1





    If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security

    – Frank van Puffelen
    Nov 27 '18 at 1:56











  • @FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !

    – user10247849
    Nov 27 '18 at 1:57











  • From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746

    – Frank van Puffelen
    Nov 27 '18 at 3:15














  • 1





    If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security

    – Frank van Puffelen
    Nov 27 '18 at 1:56











  • @FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !

    – user10247849
    Nov 27 '18 at 1:57











  • From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746

    – Frank van Puffelen
    Nov 27 '18 at 3:15








1




1





If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security

– Frank van Puffelen
Nov 27 '18 at 1:56





If you're using Firebase Hosting, you can't really keep them away from the HTML+JavaScript pages. See stackoverflow.com/questions/27212004/… But you can keep them away from the data in your database with server-side security rules. See firebase.google.com/docs/database/security/user-security

– Frank van Puffelen
Nov 27 '18 at 1:56













@FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !

– user10247849
Nov 27 '18 at 1:57





@FrankvanPuffelen I’m hosting it on GitHub but I’ll take a look at the links you have thanks you !

– user10247849
Nov 27 '18 at 1:57













From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746

– Frank van Puffelen
Nov 27 '18 at 3:15





From a quick scan it seems that Github pages also is all-public, without an option for access control: stackoverflow.com/a/11007746

– Frank van Puffelen
Nov 27 '18 at 3:15












0






active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53491653%2fhow-to-make-page-not-accessible-to-non-firebase-users%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown
























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53491653%2fhow-to-make-page-not-accessible-to-non-firebase-users%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

A CLEAN and SIMPLE way to add appendices to Table of Contents and bookmarks

Calculate evaluation metrics using cross_val_predict sklearn

Insert data from modal to MySQL (multiple modal on website)