I currently have user authentication in my app using firebase and swift 3. Is there a way to only let users with a certain email address to sign up to use my app?
Asked
Active
Viewed 3,127 times
3
-
1you could have a node in firebase with no security rules, where you list all the emails that CAN authenticate on your app, Then when you go to Sign Up, you first verify if it is a Valid Email. – Mago Nicolas Palacios Aug 03 '17 at 21:51
-
Maybe the question you want to ask is *Will Apple approve of such an app?* (I don't know the answer.) – Aug 03 '17 at 21:57
-
It depends on what exactly you are trying to do. FireBase already makes it easy to configure authentication with Google, FaceBook and Twitter accounts. If you want people to only use a certain email domain, it should be done by the app. For instance you could have it so users can only register their email with your database if the email ends in a certain domain, and then just authenticate as you normally would. – Stefan Aug 03 '17 at 22:11
-
@Stefan I want my company members only allowed to use it for example "@mycompanyname.com"... Yes, that is exactly what I want to do – Frank Boccia Aug 03 '17 at 22:53
2 Answers
1
Essentially what you want to do is include a boolean test to determine whether the email text contains the domain you want.
Here is a function that determines whether or not the input text contains a set domain.
func isValidEmail(testEmail:String, domain:String) -> Bool {
let emailRegEx = "[A-Z0-9a-z._%+-]+@[\(domain)]+\\.[com]{3,\(domain.characters.count)}"
let emailTest = NSPredicate(format:"SELF MATCHES %@", emailRegEx)
let result = emailTest.evaluate(with: testEmail)
return result
}
Here's an example of me using it
let customDomain = "mycompanyname"
let test = "frank@mycompanyname.com"
if isValidEmail(testEmail: test, domain: customDomain) == true {
//Test succeedes... Here you would register the users as normal
print("register \(test)")
}else{
//Test fails... Here you might tell the user that their email doesn't check out
print("register failed")
}
Additionally, I would take a look at Apples App Distribution Guide for if you want to distribute your app locally to say an employee base.
Hope this helps.
Stefan
- 908
- 1
- 11
- 33
-
-
1This cannot work, if u user type testmail@mycompany.com, its still will register that email, can u fix that again @Stefan – Andrian Rahardja Sep 16 '17 at 07:52
1
You can do the following client and backend checks to enforce this:
- On the client side, you can block sign-in when an invalid email domain is provided. If you are using some federated sign in with Google or Facebook, etc, you can on return check the
currentUser.emailandcurrentUser.deletethe user if the email doesn't match your domain. Google also provides an 'hd' parameter to specify the user domain if you are using GSuite. - You can use Firebase Functions onCreate event to delete a user quickly every time one is created with an invalid email domain.
- If you are using database rules, you can block access if the email doesn't match:
".read": "auth != null && auth.uid == $uid" && auth.token.email.matches(/.*@mydomain.com$/) - If you are using your own backend, when getting the ID token of a user, validate it, then get the email and make sure it matches your domain, if not, you can delete the user. The Firebase Admin SDKs provide the ability to verify an ID token and delete a user by UID.
bojeil
- 29,642
- 4
- 69
- 76