发表新帖
发表新帖

Firebase Storage Rules with Custom Claims

前端 未结
关注
3 1822
既然无缘
既然无缘 2021-01-15 11:05

I am unable to get Firebase Storage work with custom rules and using custom claims.

In my Python Admin panel, I do the following to create the user and assign a clai

3条回答
  • 滥情空心
    滥情空心 (楼主)
    2021-01-15 11:25

    If I'm not wrong you are using this wrong. Should be:

    service firebase.storage {
  match /b/{bucket}/o {
    match /{environment}/{client_id}/{allPaths=**} {
      allow read: if request.auth.uid == client_id
    }
  }
}

    The token returns others objects, like:

    • email
    • email_verified
    • phone_number
    • name
    • sub

    So for you be able to compare the user Id you must use request.auth.uid. This way will compare the cliente client id. If you want to take a look at the docs, is everything abour the request.auth.

    Edit

    Case you want your own custom token, like: request.auth.token.client_id, you need do that with this code in Python:

    uid = 'some-uid'
additional_claims = {
    'client_id': your_custom_client_id
}

custom_token = auth.create_custom_token(uid, additional_claims)

    Then you can use in your storage rules:

    service firebase.storage {
  match /b/{bucket}/o {
    match /{environment}/{client_id}/{allPaths=**} {
      allow read: if request.auth.token.client_id == client_id
    }
  }
}

    See the docs

    0 讨论(0)
 看不清?
提交回复
热议问题