Open DizzyduckAR opened 4 years ago
Same thing Im facing now. Found a solution?
Info: DB can be Fully Locked. on firebase cli you got "cloud function" this tab allow you to write and push C funcs to your project. once hooked you can run deploy and it will give you a link.
C funcs bypass any DB rules and can run as Admin.(while the func on the server itself) Demo On create event.
so the code above is uploaded to the main project. when user created in auto it will pass the uid to new DB and write some values. it will do it as admin on the server itself. you can easy expend this by using Http Req func that will allow you to send and receive data fully protected while no auth runs local.
bottom line no matter what the bug on the DB rules you can bypass it with cloud funcs and it will be much much much safer.
yup. you need to cloud func the auth and db write into cloud func in firebase. it will bypass the issue this bug made.
also made a blank ready ver with qt and pyrebase if you need
**Cfunc can be written in js and typescript (it got admin priv since its run on the server itself
Any solution to this? Auth is not working for me neither.
unless DB rules are ".read": true, ".write":true it will not let you pass auth the users UID to ruler.
while the auth signup and the UID grab working correct any try to pass it to the DB server ruler fails. it will not let it read or write. testing same rules with simulator grant correct access. running it live on client fail to write. (write the email and pass in auth. grant uid. fail to write into db)
example fail to pass: { "rules": { ".read": "auth != null", ".write": "auth != null" }}
so atm we got no way to auth users on real time DB