I made a simple test, these is the rules for creation and deletion:
`match /usernames/{username} {
allow create: if request.auth!=null && request.auth.uid==request.resource.data.user && username==request.auth.token.name
allow delete: if request.auth!=null && request.auth.uid==resource.data.user && username==request.auth.token.name
.....`
It runs perfectly in tests. It runs perfectly if I stop checking the "request.auth.token.name".
Are we sending 'request.auth.token'?
Edit: We are. It took me some time to debug, since I'm actually a firmware coder who had to make a mobile up once in a blue moon so everything's so alien to me.
After changing the "DisplayName" of a user with Plugin.CloudFirebaseAuth, we need to force refresh the Id token. Then everything works as expected.
I made a simple test, these is the rules for creation and deletion:
`match /usernames/{username} {
allow create: if request.auth!=null && request.auth.uid==request.resource.data.user && username==request.auth.token.name
allow delete: if request.auth!=null && request.auth.uid==resource.data.user && username==request.auth.token.name .....`
It runs perfectly in tests. It runs perfectly if I stop checking the "request.auth.token.name".
Are we sending 'request.auth.token'?
Edit: We are. It took me some time to debug, since I'm actually a firmware coder who had to make a mobile up once in a blue moon so everything's so alien to me.
After changing the "DisplayName" of a user with Plugin.CloudFirebaseAuth, we need to force refresh the Id token. Then everything works as expected.