Reputation: 606
Authenticate with Firebase Anonymously
I am currently trying to let users achieve read access my Firestore database with anonymous authentication.
The reason I want to do this is because I keep getting emails saying "Your Cloud Firestore database has insecure rules" and I do not want to have the user to sign in.
To combat this problem I am making everyone an anonymous user when the application opens but I am having trouble with writing the rules that approve read access to anonymous users.
The function below is working:
func signInUser(){
let auth = Auth.auth()
auth.signInAnonymously{(result, err) in
if let err = err{
print(err.localizedDescription)
return
}
print("User Logged in anonymously")
}
}
How can I write a rule on the firebase console to allow read access only to the Firestore collections.
Also is this a bad idea?
Current Rule:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read: if true
}
}
}
Upvotes: 1
Views: 461
Answers (1)
Reputation: 317828
I suggest reading the documentation on security rules to understand how user authentication works with security rules.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
Whether or not this is a good idea is entirely up to you. You'll have to decide if you want all users to be able to read all data.
Upvotes: 2
Related Questions
- Firebase Auth Anonymous Login
- Authentication Firebase
- Anonymous Auth Firestore Security
- Using Firebase Anonymous Auth as only authentication method in app
- Firebase Anonymous Authentication
- How do I secure my firestore for anonymous access of product data
- Is Anonymous Authentication Enough?
- User login in Firebase
- Firebase Authentication
- Anonymous user in Firebase