This guide will walk you through setting up admin access for your application when deploying to Vercel using Firebase Authentication and Firestore.
- Go to the Firebase Console and select your project.
- In the left sidebar, click on Authentication → Users.
- Click the Add User button.
- Enter the email and password for your admin account (e.g., admin@example.com).
- Click Add User to create the account.
There are two ways to designate an admin user:
- In the Firebase Console, go to Firestore Database → Data.
- Create a new collection called
admins. - Add a new document with the ID matching the admin user's UID (found in Authentication → Users).
- Add a field:
rolewith the valueadmin.
Collection: admins
Document ID: [Admin User's UID]
Fields:
- role: "admin"
For production applications with more complex authorization needs, you can use the Firebase Admin SDK to add custom claims to user profiles. This requires server-side code (such as a Firebase Cloud Function):
const admin = require('firebase-admin');
admin.initializeApp();
async function setAdminRole(uid) {
try {
await admin.auth().setCustomUserClaims(uid, { admin: true });
console.log('Successfully set admin role');
} catch (error) {
console.error('Error setting admin role:', error);
}
}
// Call with the user's UID
setAdminRole('paste-user-uid-here');When deploying to Vercel, you'll need to set up the following environment variables:
- Go to your project on Vercel.
- Navigate to Settings → Environment Variables.
- Add the following variables (same as the ones you have in your Replit):
VITE_FIREBASE_API_KEYVITE_FIREBASE_PROJECT_IDVITE_FIREBASE_APP_ID
Get these values from your Firebase project settings.
For proper security, update your Firestore security rules to limit admin access:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
// Helper function to check if user is admin
function isAdmin() {
return exists(/databases/$(database)/documents/admins/$(request.auth.uid));
}
// Anyone can create a report, but only admins can read/update
match /reports/{reportId} {
allow create: if request.auth != null || request.auth == null; // Allow anonymous reports
allow read, update, delete: if isAdmin();
}
// Only admins can access admin data
match /admins/{userId} {
allow read: if request.auth != null && request.auth.uid == userId;
allow write: if false; // No writing to admin documents via client
}
// Other collections as needed
}
}
Your application already has code to check admin status. When a user logs in through the Admin page, validate their admin status by querying the admins collection:
const checkAdminStatus = async (uid) => {
try {
const db = getFirebaseFirestore();
const adminDoc = await getDoc(doc(db, "admins", uid));
return adminDoc.exists() && adminDoc.data().role === "admin";
} catch (error) {
console.error("Error checking admin status:", error);
return false;
}
};- Connect your GitHub repository to Vercel.
- Configure the build settings:
- Framework preset: Vite
- Build command:
npm run build - Output directory:
dist
- Add the environment variables mentioned above.
- Deploy your application.
After deployment, your admin can log in through the /admin route using the credentials you created in Firebase Authentication.
- If admin login doesn't work, check the browser console for errors.
- Verify that the admin user exists in Firebase Authentication.
- Confirm the admin document exists in Firestore with the correct UID.
- Make sure environment variables are properly set in Vercel.
- Check Firebase security rules to ensure they're correctly configured.