Is your feature request related to a problem? Please describe.
To increase security when accessing data from firebase and to limit the application to a specific user set a user management and authentication is mandatory.
Describe the solution you'd like
The email (username) and password mechanism from firebase should be used.
In the first draft the application should only be accessible by users where the TLD is their email addresses is pmone.com. At the moment there is no need for any kind of multi-tenancy.
If the user isn't authenticated it should not be possible to take any orders nor access the firebase database. When a not authenticated user requested a protected route he should be redirected to the login page where he can enter his credentials.
Describe alternatives you've considered
Considerable alternatives would be OAuth services providers like Google, Facebook, Github etc., but this may increase the complexity of granting users access to specific resources. Although this could be interesting when opening the platform for multiple-organizations or users outside the pmone.com domain.
Is your feature request related to a problem? Please describe. To increase security when accessing data from firebase and to limit the application to a specific user set a user management and authentication is mandatory.
Describe the solution you'd like The email (username) and password mechanism from firebase should be used. In the first draft the application should only be accessible by users where the TLD is their email addresses is pmone.com. At the moment there is no need for any kind of multi-tenancy.
If the user isn't authenticated it should not be possible to take any orders nor access the firebase database. When a not authenticated user requested a protected route he should be redirected to the login page where he can enter his credentials.
Describe alternatives you've considered Considerable alternatives would be OAuth services providers like Google, Facebook, Github etc., but this may increase the complexity of granting users access to specific resources. Although this could be interesting when opening the platform for multiple-organizations or users outside the pmone.com domain.