Reputation:
Firebase rules without Firebase authentication
I know this is a duplicate question but none of them helped me
I use Firestore for storing little amount of data... which will be deleted after some minutes which contains no personal information. I have my own authentication system for logging users in. The users have read and write permission in the Firestore. The problem is application is in production and I keep getting Firebase warning mail that 'Your Cloud Firestore database has insecure rules'.
i have published Firebase rule as
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
I have gone through many reference and I figured it out that for secure data we have to you it's own authentication. or is there any solution for it..?
Upvotes: 0
Views: 1129
Answers (2)
Reputation: 107
If you have to allow users to read-write with security rules. You can use the cloud function. Cloud function has administrative access. It bypassing the security rules. You have to create Rest API for Firestore read-write operation. Cloud functions doest not require user authentication.
Upvotes: 0
Reputation: 317740
If you are not using Firebase Authentication, then there is no solution for secure per-user access. If you have a different auth system, you will have to integrate Firebase into that using a custom auth provider.
Upvotes: 1
Related Questions
- How to add firebase database rules without authentication?
- firebase firestore security rules without authed user
- how I can set rules in firebase without Auth users
- Firebase security rules like this?
- Android Firestore rules custom auth
- Firebase Rules Configuration
- Firebase android security
- firebase with auth and without auth security rules
- Firebase database secure without firebase auth
- Firebase Authentication without Username and Password