Alaa AbuZarifa
Reputation: 1249
How to allow only authenticated users to insert to Cloud Firestore database
I've applied Firebase Authentication successfully using email and password once the user login to the app.
Next, I've set the Security rules for my database with Cloud Firestore like this.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
Now, the user should insert something to the but only if he's an authenticated user and his info exists in the authentication table in firebase console.
..but that's not the case, I've inserted some data to the database successfully while the user wasn't authenticated. it seems like the rules are ignored..!
How exactly can I only allow read & write for authenticated users?
Upvotes: 1
Views: 1716
Answers (1)
Samuel Silva
Reputation: 697
Try this code:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.uid != null;
}
}
}
Upvotes: 7
Related Questions
- Allow non-authenticated users to write into firestore
- How can i restrict unauthenticated access to Firebase Firestore while permitting new users to add account data?
- How to allow read and write access to only auth users in Firebase?
- How to allow only authenticated users to create a collection in Firebase Firestore?
- Is there a Firebase security setting to allow only inserts?
- Restrict Firestore access to authenticated users
- Cloud Firestore: setting security rule based on authentication
- Firestore - How to setup security rule without Auth, but based on Android client/request data
- Firebase cloud firestore + auth: write only for signed in users
- Write to Firebase database only with authenticated users android