-
-
Save katowulf/6479129 to your computer and use it in GitHub Desktop.
| /*************************************************** | |
| * Simple and elegant, no code complexity | |
| * Disadvantages: Requires warming all data into server memory (could take a long time for MBs of data or millions of records) | |
| * (This disadvantage should go away as we add optimizations to the core product) | |
| ***************************************************/ | |
| var fb = firebase.database.ref(); | |
| /** | |
| * @param {string} emailAddress | |
| * @return {Object} the object contains zero or more user records, the keys are the users' ids | |
| */ | |
| function findUsersMatchingEmail( emailAddress, callback ) { | |
| fb.child('user').orderByChild('emailAddress').equalTo(emailAddress).once('value', function(snap) { | |
| callback( snap.val() ); | |
| }); | |
| } |
| /*************************************************** | |
| * Useful for MBs or more of data, or lists of thousands or more records | |
| * Disadvantages: Slight code complexity due to two queries (one for key, another for record); escaping emails is annoying | |
| ***************************************************/ | |
| var fb = firebase.database.ref(); | |
| /** | |
| * Looks up a user id by email address and invokes callback with the id or null if not found | |
| * @return {Object|null} the object contains the key/value hash for one user | |
| */ | |
| function getUserIdByEmail( emailAddress, callback ) { | |
| fb.child('emails_to_ids/'+emailToKey(emailAddress)).once('value', function(snap) { | |
| callback( snap.val() ); | |
| }); | |
| } | |
| /** | |
| * Creates a new user record and also updates the index | |
| */ | |
| function createNewUser( userRecord ) { | |
| var uid = fb.child('user').push().key(); | |
| // do a multi-path write! | |
| var mergedData = {}; | |
| mergedData['users/' + uid] = userRecord; | |
| mergedData['emails_to_ids/'+emailToKey(userRecord.email)] = uid; | |
| fb.update(mergedData); | |
| return id; | |
| } | |
| /** | |
| * Firebase keys cannot have a period (.) in them, so this converts the emails to valid keys | |
| */ | |
| function emailToKey(emailAddress) { | |
| return emailAddress.replace(/[.]/g, '%20'); | |
| } |
I'm guessing that the security rules for emails_to_ids would be:
"emails_to_ids":{
"$email":{
".read":"<User has need to lookup id by email>",
".write":"<User has ability to create an email, or change the address of an email>"
}
}
This would still allow the user to guess email addresses to look up IDs, but would not allow them to lookup the whole list, decode it, and be able to get the IDs from there.
If there is a need for the ID to remain secret, the only way would be a second table that has a second generated id to actual id lookup, and a server-side process that would handle the actions, but the rules on the actual user list should make the ID's secret irrelevant.
Actually, the path needs to be writeable for creating a new user, as well as anyone that wants to change their email address. This means that it has to be world writeable, thus world readable.
@mikemurray Addressed comments and updated for Firebase queries. Thanks!
@jondthompson world writable/readable isn't necessary. You can make paths editable only by the owner's uid.
@al-the-x hashes are a great answer but btoa isn't necassarily available cross-platform. It just requires including a hash function of some sort or a polyfill for btoa, so still a great choice.
This is awesome, thanks!
var uid = fb.child('user').push().key();
For me it's working as a prop and not a method, so .key instead of .key()
@kristijanmatic Thanks for pointing it out. Also check out this https://developer.mozilla.org/en/docs/Web/API/WindowBase64/Base64_encoding_and_decoding
Now you can just do the following:
admin.auth().getUserByEmail(email)
.then(function(userRecord) {
// See the UserRecord reference doc for the contents of userRecord.
console.log("Successfully fetched user data:", userRecord.toJSON());
})
.catch(function(error) {
console.log("Error fetching user data:", error);
});See https://firebase.google.com/docs/auth/admin/manage-users for details.
@nderkach it works!
thanks man
Love the btoa solution. Can email addresses even have characters outside the latin1 range? @kristijanmatic @al-the-x