secure firebase functions

Tychobra / polished

Authentication and Administration for Shiny apps

https://polished.tech

Other

234 stars 36 forks source link

Closed merlinoa closed 5 years ago

merlinoa commented 5 years ago

right now the https callable functions other than the wignInWithToken are not secure.

Steps to secure the functions

move deleteUserRole from an https callable function to a regular callable function on the front end and check that user is signed in and is an admin
include the JWT with all other https callable function requests

merlinoa commented 5 years ago

completed with 7a19477f024514b171a46c852482e69c1e79bbe6