Closed hgwood closed 10 years ago
Firebase doesn't update reference after login/logout, so a unauthorized user can access the data if the app was previously accessed by an unauthorized user and th epage has not beent refreshed since. Can't find how the ref should be destroyed/updated. Asked on SO : http://stackoverflow.com/questions/23504659/angularfire-data-is-still-accessible-after-logout
This is the same problem as #13. It's a bug, so closing here.
App login with Google+ Sign-in Firebase data access restrictions