Firebase 身份验证规则适用于 facebook 提供商,但不适用于电子邮件/密码
我正在尝试在我的数据库上编写一些规则,以防止用户写入,除非他们通过匿名"以外的提供者进行身份验证.这是我的规则,但出于某种原因,当我使用 Facebook 登录但不使用电子邮件/密码登录时,它可以工作;我收到权限被拒绝错误.PS email/pwd 用户是在升级 SDK 之前创建的.任何想法为什么这不起作用?
I am trying to write some rules on my DB that prevent the user from writing unless they are authenticated with a provider other than 'anonymous'. This is the rule that I have but for some reason it works when im logged in with facebook but not with email/password; I get a permission denied error. PS the email/pwd user was created before the upgraded SDK. Any thoughts why this is not working?
"updates": {
".read": "auth !== null",
".write": "auth !== null && auth.provider !== 'anonymous'",
"$location_id": {
".indexOn": "validFrom",
"$update_id": {
".validate": "newData.hasChildren(['displayName', 'place_id', 'name', 'statusValueId', 'update_id', 'user_id', 'validFrom', 'votes'])"
}
}
},
检查为什么这不起作用的最佳方法是在 firebase 控制台中使用模拟器.
The best way to check why this is not working is using the simulator in the firebase console.
您可以在数据库>规则>模拟器(右上角)中找到它
You can find it in Database>Rules>Simulator (top-right corner)
- 在单选按钮中选择写入
- 选择切换开关Authenticated",选择您要测试的提供者,并在Auth token payload"中写入您的用户令牌
- 在位置"中写下您参考的路径
- 在Data (JSON)"中粘贴您要写入的 JSON 对象
- 点击运行,firebase 会告诉你哪个规则失败