I would like to do an app, where you can only register with an specific random unique token that I gave the people. So I gave them a token, for example: 8743-2342-6587 and they can go in the app on the register page, type in this token and also type in email and password like a basic authentication.
What's the best way to do this? Maybe I should do in Firestore a Collection of tokens that are free. On Registration I check if the token exists in that collection, if yes than set it to "not free" which could be a boolean value. And the user registers... Or is there a better way to do such things like that?
CodePudding user response:
One way to do this would be to store all these tokens in a Firestore collections and when users enters a code, verify it in a Cloud function and then creating an account using Admin SDK. Then you can sign in user with client SDK. The flow would be like:
- User enters credentials to registration along with the token (if any)
- These credentials are sent to a Cloud Function which then creates user in Firebase Authentication with provided credentials
- If user had also provided any token, you can check if that exists in Firestore and then set the required boolean value either in a database or custom claims.
For example:
exports.registerUser = functions.https.onCall((data, context) => {
const { email, password, token } = data;
const { user } = await admin.auth().createUser({email, password})
// const token = {check if token exists in Firestore}
if (token) {
// set custom claims
}
});
You can also just create an account first and then check if token exists directly without a Cloud function but that'll work only if the token is associated with an email so only that user can check it's existence (unless anyone is allowed to check it).
If a user must provided a token to create an account at first place, then I'd recommend using Cloud functions. You can also disable sign ups from Firebase Client SDKs if needed (requires Cloud Identity API).