I am having trouble with not allowing non users of my site accessing the page after they login. After an individual registers on the site and becomes a user they are brought to /maindash.html and that is basically where the user goes once they register or login. But when someone else pastes the redirected URL it works for them even though they are not a user like if someone types website.com/maindash.html they are redirected to the user page even though they have not registered.
Here is my JS code for login
login.addEventListener('click' , e => {
const emailSignin = signInEmail.value;
const passwordSignin = signInPassword.value;
const auth = firebase.auth();
const promise = auth.signInWithEmailAndPassword(emailSignin, passwordSignin);
promise.catch(e => console.log(e.message));
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
Here is my JS code for registering
if (password === reenter) {
const promise = auth.createUserWithEmailAndPassword(email , password);
promise.catch(e => console.log(e.message));
//Creating the Database for the Users using realtime mf (SAVE THE DATABSE INFO)
database.ref('users/' + name).set({
Email: email,
Password: password,
Gender: gender,
Industry: industry
});
} else {
passwordError.style.display = 'block'
}
});
firebase.auth().onAuthStateChanged(firebaseUser => {
if (firebaseUser) {
window.location = '/NovaCoreInc/maindash.html'
}
})
my main problem is how to keep no registered users away the pages that registered users are authorized for?
thank you
