Reputation: 121
Protecting data in Firestore to be only readable by users with active In-App-Subscription
my app is fetching data from a Firestore database but this data should only be accessible to users who are currently subscribed to In-App-Purchases.
What is the best way to protect this data?
My first thought was routing everything through a Firebase Function, so the user has to send their subscription ID to the function, the function checks it and returns the data, but this would require way too many function calls for just a few users.
Upvotes: 0
Views: 100
Answers (1)
Reputation: 41
If you are not using any server client libraries then you can create a rule on firestore to restrict the reads on the table. firestore rules docs.. You could simply check if the requesting user has subscribed to In-App-Purchases (assuming there is a flag in the user's data to confirm the same).
Upvotes: 1
Related Questions
- How to make user data not visible for developer on firebabse
- Prevent Firestore spam without requiring login
- Protecting Firestore without requiring authentication
- React Native authentication and cloud Firestore for web apps
- How to enable access of firestore data to my nativescript app only?
- Role based authentication in React Native app using Firebase
- How to make cloud firestore security rules such that logged in users can access only their data?
- React-Native App access Firestore with Google gmail authenication
- How to restrict users from reading data from Firestore documents?
- Configure the firestore security rules to allow users to only access their own data - efficiently