Firebase: Customized authenication for each application in the same project

前端未结

关注

 1  1976

My problem is my project has 2 application. One application just run in a specific mobile device which we known, it interact with firebase without authenication. The another is

相关标签:

1条回答

予麋鹿

2021-01-28 10:01
You cannot secure database access to allow a specific app or a specific device. See How to prevent other access to my firebase.

But a device can easily be mapped to belong to a specific user, if you use Firebase Authentication. You could even use anonymous authentication if you don't want to require that the user signs in. With Firebase Authentication each user has a unique user id (UID in Firebase terms). And when you know the UID for the user, you can secure access to the database based on that UID.

An example from a recent project:
```
{
  "rules": {
    ".read": true,
    ".write": "auth != null && 
               root.child('config/whitelist').child(auth.uid).exists()"
  }
}
```
So here, we allow writing if the signed-in user's UID is present under a node /config/whitelist. E.g.
```
config
   whitelist
     "jn0BrHQqUEYSjqvqfqzbJTMOlZ82": true
     "ytEtWqOfLkRk3OUjTKBtZnTehZc2" true
```
0 讨论(0)
发布评论:

提交评论
- 加载中...