CODEWITHSUNDEEP
javascriptgoogle-cloud-firestoreoauth-2.0firebase-authenticationfirebase-security
coldasspirit
coldasspirit

Reputation: 127

Uncaught (in promise) FirebaseError: The caller does not have permission in firestore

When i click google oauth button, it gives this errors:

  1. Uncaught (in promise) FirebaseError: The caller does not have permission,
  2. Uncaught (in promise) FirebaseError: Missing or insufficient permissions.

Can you help me please ?

my firebase rules:

rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
 match /{document=**} {
  allow read, write: if request.auth.uid != null;
  }
 }
}

my google auth function:

const GoogleAuth = () => {
  const onSuccess = async (response) => {
    var uid = response.profileObj.googleId;
    var username = response.profileObj.name;
    var email = response.profileObj.email;

    if (
      firebase.firestore().collection("users").where("uid", "==", uid).get()
    ) {
      await firebase.firestore().collection("users").doc(uid).set({
        username: username,
        email: email,
        uid: uid,
      });
    } else {
      return null;
    }
  };

  const onFailure = (response) => {
    console.log(response);
  };

  return (
    <div>
      <GoogleLogin
        clientId="70189954299-t7a9i8u7lhqm20ji4d3oei88ihef7i5o.apps.googleusercontent.com"
        buttonText="Login"
        onSuccess={onSuccess}
        onFailure={onFailure}
        cookiePolicy={"single_host_origin"}
        isSignedIn={true}
      />
    </div>
  );
};

enter image description here

Upvotes: 1

Views: 2737

Answers (2)

Parmeet Singh
Parmeet Singh

Reputation: 1

Actually, I changed my rules config in firebase..It worked for me..

I changed from allow read, write: if false to allow read, write: if true

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if true;
    }
  }
}

Upvotes: 0

Frank van Puffelen
Frank van Puffelen

Reputation: 598728

Your code is signing in with Google, but is not signing in with Firebase Authentication yet. Only after you sign the user in to Firebase, will the request.auth variable in your security rules be populated, so at the moment these security rules correctly reject the request.

To sign in to Firebase with the credentials from Google, call firebase.auth().signInWithCredential(credential) as shown in the Advanced: Handle the sign-in flow manually section of the Firebase documentation.

Alternatively, you could use the simpler flow described in Handle the sign-in flow with the Firebase SDK, which also handle the calls to the Google sign-in API for you.

Upvotes: 3

Related Questions