0

Is there someway that i can avoid setting up a server to authenticate my admins.

I know the facebook id's of the users I want to make admin, but it seems unproductive to add the user id's to the security rules, espacially if you get to 10-20 admins.

Should i make a hidden page where a i make the JWT (which there is a chance people will find) or is there a smarter way?

Kevin Simper
  • 1,669
  • 19
  • 32
  • 1
    Check out [http://stackoverflow.com/a/21834842/879295](http://stackoverflow.com/a/21834842/879295), which also solves your problem. In short, you'll want to create a bucket in your Firebase (for example: "admins") and in your security rules check to see if a user is an admin via `root.child('admins').hasChild(auth.id)` where `/admins` maps user-ids to any value. – Rob DiMarco Apr 22 '14 at 20:44
  • possible duplicate of [Is there a way to restrict registrations in firebase](http://stackoverflow.com/questions/21815229/is-there-a-way-to-restrict-registrations-in-firebase) – Kato Apr 24 '14 at 19:08

0 Answers0