Reputation: 49
To keep data secure on my firestore database, I would like to use the predefined pattern, that allows only registered / logged in users to access the firestore database.
Reading would be okay if unauthenticated users can access it. But I can't figure out on how to store a document in the database 'as a authenticated user'?
I am using the following method to store an object inside the firestore collection on Angular:
registerPlate(
plate
): Promise<any> {
return this.firestore.collection('registrations/').
doc(`${plate.registrationNumber}`).set(plate);
}
Where do I have to pass the 'user-object' or the token from the authentication-object (firebase.default.auth().user) to, to allow the user creating a registration?
Upvotes: 0
Views: 316
Reputation: 68
By default, all authenticated users can write new documents to a database using the method that you have posted.
If you are facing some issues, it can be that your Security Rules are not set properly. To deploy and update your Security Rules follow this steps.
Open the Rules tab in the Cloud Firestore section of the Firebase console.
Write your rules in the online editor.
Click Publish
If you want to let all the authenticated users read and write data, and the unauthorized to only read data your Security Rules should look like this.
service cloud.firestore {
match /databases/{database}/documents {
match /<some_path>/ {
allow write: if request.auth != null;
allow read: if (true);
}
}
}
Tell me if it works
Upvotes: 1