I'm loving working with Firebase but I have hit a brick wall.
I can authenticate in Firebase using a provider but it doesn't matter who they are, once they provide there credentials they have access to my application.
I want to restrict which users can access my site.
I am assuming the best way to do this is via security rules but I haven't seen a great example of how to do this.
- Are Custom Tokens the best way to do this?
- How do I associate a custom token to a provider user?
- Is there a better way?
If possible, could someone point me to a resource that clearly demostrates this or provide an example?
I have read the links provided from this post but I can't see any example that grants privileges to certain provider users.