Anyone know how I can get the user id for a certain user in Auth?
Let's say I am logged in with current user jalla#gmail.com, then I can get userid by
let userId = FIRAuth.auth()?.currentUser?.uid
But if I want to get the userId of the other user jarra#gmail.com while I am logged in as jalla#gmail.com.
How can I do that?
This is how I create a new user:
FIRAuth.auth()?.createUser(withEmail: txtUsername.text!, password: txtPassword.text!, completion: {
user, error in
if error != nil {
print("error: " + error.debugDescription)
}
else{
print("User created")
self.login()
}
})
Which result in the authenticated user in the image attached.
I also have a Users table, but this has nothing to do with authenticating users for login.
The thing is that I need to programatically add new authenticated users. Which is ok, but how can I query data from the Authenticated table? I need to do it because I add the authenticated uid to each user roots in the database (see User table image)
For each user, create a record in your Firebase Database and store uid for each user so that you can retrieve that uid once you need it.
If you will query uid information by using the email information of the said user (i.e. jarra#gmail.com in your case), it might be best to store user information including uid under a key of respective user's email.
If you are logging in code rather than the console, one option is to leverage a /users node.
With Firebase, it's common practice to have a /users node that stores information about your users.
users
uid_001
email: "dr#who.com"
name: "Dr. Who"
fav_food: "Jelly Babies"
uid_002
email: "homer#simpsons.com"
name: "Homer Simpson"
fav_food: "Doughnuts"
The uid's used as the key to each user node are the ones created by Firebase when the user is created.
From there, it's a snap to query for the email address which will retrieve the node in question, the parent key being the uid of the user.
Related
I am trying to set up RLS to a table in Supabase that will only allow the authenticated user to UPDATE their row on users table. I have opted to use Supabase on my server rather than the front-end. My current workflow is as follows:
Client requests a OTP via email
User is emailed an OTP
OTP is entered into the Client
OTP is verified on the server
If verified UPDATE the users row in the users table with new session details
Return the current user details to the Client
Here is the code that is failing:
const { error } = await supabase
.from('users')
.update({
access_token: session.access_token,
refresh_token: session.refresh_token,
expires_at: session?.expires_at || 0
})
.eq('user_id', user.id)
.single();
Here is the table structure:
When I run const user = supabase.auth.user(); I am showing the correct user that has a user.id that matches the rows user_id column of the row I want to UPDATE.
Without RLS set up this workflow is working perfectly. Anything I try fails. Below are the three RLS that I have tried that should work.
Checking if user exists WHERE auth.uid() = users.user_id in both USING and CHECK
Added auth.uid() = user_id in both USING and CHECK
The weirdest one of the all, set true in both USING and CHECK
Here are screen shots of the uuid on the auth.users table and user_id on the users table:
Attempted this from one of the answers and it is still failing:
Here is the error response I am receiving from Supabase:
This is not very well documented yet, but signed in users have authenticated role, and not anon role, so changing the target role to authenticated should fix it. When in doubt, just leave the target roles blank, which will apply the RLS on all roles.
In Codeigniter, how do I remove specific user's session?
I have set login session like below. And I want to remove specific MemId's LoggedIn(in other words, session for just one user) assuming there are about 1000 users.
$this->session->set_userdata([
'LoggedIn'=>true,'MemId'=>PrimaryKey
]);
When user logged in you are setting two session variables.One is LoggedIn and another 'MemId' which is the primary key of member.So,first retrieve the logged in user member id from database then unset it.Might work properly.
MemId is the member id of user for which you want to remove session.
$this->session->unset_userdata('MemId');
I have found that Code Igniter has already ci_sessions table which stores users session ids in it. I understand the main purpose of that table. Just I want to clarify how I can validate with ci_session table data with my current user login session id?
Basically , I am trying to do User login one place at a time. Multiple login's to be prevented. How can I do this?
You couldn't do that with session ID's since logging in from another location would create a new session ID at that new location.
Store the userID to the session then check it on login.
$this->db->where('userId',$userId);
$result = $this->db->get('ci_session');
if($result->num_rows() > 0)
{
//log out old user, throw error, whatever
} else {
//continue with login
}
By storing the user id in the session data and adding it as a column to the sessions table, you can remove all sessions of that user id on login before the session data is created. This will invalidate any session of the same user. For further explanation on how to do this, see here: https://stackoverflow.com/a/9564433/89211
In my application I have an administrator who can create Tournament objects. When the object is created the service also creates a user (based on the tournament director's info which was entered at creation). The username for the user is the director's e-mail, the password is randomly generated and then mailed to the director.
When the director logs on with his e-mail address and password, I need to be able to link him to his own tournament, in order to only allow him to edit his own tournament's details. I have tried to find a way to store the TournamentId in the default ASP Net Users database, but was unsuccessful.
I had a look at this SO question which would certainly help me, but I can't figure out how it would apply to my problem. When the user logs on, I can't put the TournamentId in the userdata seeing as I don't know it.
Should I then do a lookup in the Tournament table to see which ID corresponds to the email address entered at login and store that in the userData? It seems quite unelegant this way.
I guess you should have a CreatedBy column in your Tournament table where you store the ID of the user who created the tournament. Then when the user logged in, get his id ( may be from session ,if you store it there), Do a select query where CreatedBy=loggedInUserId .That should do the trick.
I basically want to setup in my LogOn Action a conditional statement that looks at the username, and determines that username is already logged in.
At which point the user should be informed.
That account is logged in, if you think you've been hijacked...yada yada yada.
I thought I could add something after this conditional, is there something like my made up method Membership.CheckIfUserIsOnline(string username) out there already?
if (ModelState.IsValid)
{
if (Membership.ValidateUser(model.UserName, model.Password))
{
//See the line below, I made this method up.
if (Membership.CheckIfUserIsOnline(model.UserName){
ModelState.AddModelError("", "Someone else is logged into this account.");
}
If you're using Session State, I would store (ideally in an application-wide cache or alternatively in your application database) a record keyed on the User ID, storing the Session ID.
Then, check the logged-in User ID against the current Session ID when you're looking to detect multiple logons. If the Session ID stored in the database doesn't match the Session ID of the current Session, that may indicate multiple logons.
You have to deal with expiring the values from the data store (which is why an application-wide cache may be better than the application database) and with normal termination of a session (on logoff), but if you're only using it to alert the user, it's probably good enough.