英文:
Making a multi-tenant model in Flutter using Firebase but authentication seems to be open
问题
The authentication seems to be open which makes it possible to sign in to some other tenant.
认证似乎是开放的,这使得可能登录到其他租户。
We are going by company wise database structure using cloud firestore in which every user is allocated to a particular company.
我们正在使用云Firestore,按公司智能数据库结构进行操作,其中每个用户都分配给特定的公司。
While signing in there is a possibility the user can sign in to some other tenant which could lead us into a huge blunder for the company and for us.
在登录时,用户有可能登录到其他租户,这可能对公司和我们自己造成严重问题。
We want each user to be specific to a particular company when they login to avoid confusion.
我们希望每个用户在登录时与特定公司相关,以避免混淆。
We are using 2FA authentication but that does not help in any way to avoid such issue of one tenant leading to some other tenant database.
我们正在使用双因素身份验证,但这并不能以任何方式避免租户之间导致其他租户数据库的问题。
We do understand authentication and database are two different aspects; however, we want to authenticate a user to a particular tenant and sign them into a particular company.
我们理解认证和数据库是两个不同的方面;然而,我们希望对用户进行认证,将其登录到特定的租户,并将其登录到特定的公司。
英文:
The authentication seems to be open which makes it possible to sign in to some other tenant.
We are going by company wise database structure using cloud firestore in which every user is allocated to a particular company. While signing in there is a possibility the user can sign in to some other tenant which could lead us into a huge blunder for the company and for us.
We want each user to be specific to a particular company when they login to avoid confusion. We are using 2FA authentication but that does not help in any way to avoid such issue of one tenant leading to some other tenant database. We do understand authentication and database are two different aspect how ever we want to authenticate a use to a particular tenant and sign in them into a particular company.
答案1
得分: 1
你提供了少量信息,如何实现多租户?
- 项目级别,使用一个主要的Firebase项目和N个项目,每个项目对应一个租户。
- 数据库级别,使用一个项目(然后一个身份验证),在Firestore中管理租户。
在第一种情况下,租户隔离是免费的,您可以使用主项目来处理租户和公共信息,使用特定租户项目来处理租户特定信息。您需要在每个租户上复制登录。
在第二种情况下,您需要使用用户的自定义声明和Firebase规则来管理集合访问。
希望对您有用。
英文:
You provide few information, How to implement multi-tenant?
- To project level, with a main Firebase project and N projects one for each tenant
- To database level, with a single project (then a single Auth) and you manage tenants in Firestore
In the first case, tenant isolation is free you can use the main project to handle tenants and common information and specific tenant project to tenant-specific information. You need to replicate the login on each tenant.
In the second case, you need to work with custom claims on user and Firebase rules to manage collection access.
I hope it can be useful for you
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论