AngularFire hasCustomClaim and customClaims not working

I have been trying to use Firebase custom claims and was successfully able to create user-based roles like manager, editor, admin. This is how my custom claim is saved in my Firebase Emulator Suite.

For a user, custom claims are set like this: {"role": "manager"}, but whenever I try to log in and get the custom claim of the user, it doesn't work.

Just an FYI: I tried to set custom claims like this too, {"manager": true}, but hasCustomClaim("manager") always works if I use this in an if and else condition, even if I set {"manager": false}. Also, if I try to log in using admin privileges, the manager level still works properly.

const adminOnly = () => hasCustomClaim("admin");
const editorOnly = () => hasCustomClaim("editor");
const managerOnly = () => hasCustomClaim("manager");

const editorOnly2d = pipe(customClaims, map(claims => claims.role == "editor"));
const mngOnly2 = pipe(customClaims, map(claims => claims.role == "manager"));

How shall I get the currently logged-in user's custom claims so that I can set routes based on user role?

This is what I get after login from authUser.getIdTokenResult(true):

aud: "testing" 
auth_time: 1629796111 
email: "test12@gmail.com" 
email_verified:false 
exp: 1629799711 
firebase: {identities: {…}, sign_in_provider: "password"} 
iat: 1629796111 
iss: "https://securetoken.google.com/testing" 
role: "manager" 
name: "Testing" 
sub: "ZUlXd59HMhFI5gyozxW1xw0IXtPi" 
user_id: "ZUlXd59HMhFI5gyozxW1xw0IXtPi"

I tried to search the issue, but all of them suggest the same thing that I used above.

5 months ago · Juan Pablo Isaza
1 answers

The {"role": "manager"} will not work, because hasCustomClaim("admin") (as far as I can see) only checks for the existence of a claim named admin.

That also explains why it works when you use "manager": false: hasCustomClaim merely checks for the presence of the claim, regardless of its value. Non-admins should not have an admin claim.

So if you want to use the existing AngularFire pipes, you'll need claims that identify whether the user is an admin, editor, and/or manager.

If you want to use your own role-based access control, that is possible too, but you'll have to implement your own auth pipe filters. For those, you'll want to start by logging the claims, so you can see what your map call is working against.

5 months ago · Juan Pablo Isaza
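
The difference the answer describes, as an added example that is not part of the original post or of AngularFire: plain TypeScript functions (all names here are hypothetical) model a presence-only check next to value-based checks, using constructed claim objects shaped like the token in the question.

```typescript
// Added example: plain functions, so it runs without Angular or RxJS.
// Function names are hypothetical; claim objects below are constructed samples.
type Claims = { [key: string]: unknown };

// Presence check: the behaviour the answer attributes to hasCustomClaim.
// The claim's value is never inspected, so {"manager": false} passes.
function claimPresent(claims: Claims, claim: string): boolean {
  return Object.prototype.hasOwnProperty.call(claims, claim);
}

// Value check for boolean-style claims: only a literal `true` grants access.
function claimIsTrue(claims: Claims, claim: string): boolean {
  return claimPresent(claims, claim) && claims[claim] === true;
}

// Value check for a single "role" claim: strict match against an allow-list.
// A missing or non-string role is denied.
function roleAllowed(claims: Claims, allowed: string[]): boolean {
  const role = claims["role"];
  return typeof role === "string" && allowed.indexOf(role) !== -1;
}

// Route decision that logs the claims first, as the answer suggests.
// `log` is injectable so the decision can be tested without a console.
function canActivate(
  claims: Claims,
  allowed: string[],
  log: (msg: string) => void = () => {}
): boolean {
  log("claims seen by guard: " + JSON.stringify(claims));
  return roleAllowed(claims, allowed);
}

// Constructed samples mirroring the two claim layouts from the question.
const roleToken: Claims = { role: "manager", email: "user@example.test" };
const falseFlagToken: Claims = { manager: false, email: "user@example.test" };

// Summary of how each check treats each layout.
function compareChecks(): { [label: string]: boolean } {
  return {
    presenceOnRoleToken: claimPresent(roleToken, "manager"),      // no "manager" key
    presenceOnFalseFlag: claimPresent(falseFlagToken, "manager"), // key exists, value false
    valueOnFalseFlag: claimIsTrue(falseFlagToken, "manager"),
    roleManagerAllowed: roleAllowed(roleToken, ["manager"]),
    roleAdminAllowed: roleAllowed(roleToken, ["admin"]),
  };
}
```

In an AngularFire guard, predicates like these would sit inside the `map(...)` of a custom pipe such as the `pipe(customClaims, map(claims => ...))` shown in the question. A route guard only controls navigation in the client, so data access still has to check the same claim in Security Rules or on the server.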