Authorize users server-side #35
Comments
rottbers
added a commit
that referenced
this issue
May 22, 2022
Replaces the firebase integration since KYH will move away from using Google. Instead we've opted for a implementation using local storage and removing `/signin`. In this PR I've also started to migrate large parts of `web` to typescript however with the tsconfig setting `strict` set to `false` as a stepping stone during the meantime. Closes #35
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
During development of this project authenticated google users have been validated to use a
@*.kyh.seaddress client-side. To ensure only authorized google user can access the platforms content this should obviously happen server-side.The approached mentioned here is simple and works perfectly fine to only authorize users within the kyh google organization however there is one drawback in terms of UX. The happy path we'll be unchanged so most users wouldn't be affected, but if the user for some reason attempt to sign in with an unauthorized account they'll get stuck on a cryptic 403 google page without any friendly message or actions on how to recover.
Firebase functions and listening to certain auth events maybe an alternative but not something I've explored.
The text was updated successfully, but these errors were encountered: