Pyrebase and Firebase Database Rules, how to deal with it with Python?

Question

I'm new in the world of Firebase and I'm using Pyrebase as library for Python 3.7. To test this library I've created a realtime database with public rules:

// These rules give anyone, even people who are not users of your app,
// read and write access to your database
{
  "rules": {
    ".read": true,
    ".write": true
  }
}

It was easy to test the API. Now, I want to introduce more restrictive rules in my case are:

// These rules grant access to a node matching the authenticated
// user ID from the Firebase auth token
{
  "rules": {
    "users": {
      "$uid": {
        ".read": "$uid === auth.uid",
        ".write": "$uid === auth.uid"
      }
    }
  }
}

But I'm encountering a lot of problems and doubts. My Python Code for authentication is this:

        firebase = pyrebase.initialize_app(self.config)
        self.username = email
        self.password = password
        self.db = firebase.database()
        self.auth = firebase.auth()
        # authenticate a user
        self.user = self.auth.sign_in_with_email_and_password(self.username, self.password)

Now when I try to read something for example:

#user_id is the name  of the child of main_document 
db.child(self.main_document).child(user_id).get(self.user['idToken']).val() 

My Db structure is this:

Reading from doc and trying to understand from rule syntax, I see that I need the UID of the user that I can obtain from self.user variable. But How can I "send" to Firebase in order to give it the possibility to make that match? I hope I was clearly :)

Answer 1

You will need to sign a user in with Firebase Authentication, as shown in the Pyrebase documentation on authentication: firebase.auth().sign_in_with_email_and_password(email, password).

Once the user is signed in, their credentials will automatically be sent to Firebase with each request, and Firebase will make those available as auth in your database's security rules.