使用身份验证拒绝(读取和写入)Firebase权限

时间:2016-07-05 08:52:42

标签: android firebase firebase-realtime-database firebase-authentication firebase-security

我想通过身份验证在我的数据库中读取和写入,但我得到了Permission denied。我试图找出它为什么不起作用。

我使用了默认规则,因为我想要身份验证,如文档中所述。

  

默认规则需要身份验证。它们允许完全读写>访问您应用的经过身份验证的用户。如果您想要打开数据>它们非常有用。对于您应用的所有用户,但不希望它向全世界开放。

  • Firebase规则:

    {
      "rules": {
        ".read": "auth != null",
        ".write": "auth != null"
      }
    }
    
  • 创建用户

       auth.createUserWithEmailAndPassword(email, password)
            .addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
                @Override
                public void onComplete(@NonNull Task<AuthResult> task) {
                    Log.d("USER_CREATE", "createUserWithEmail:onComplete:" + task.isSuccessful());
    
                    // If sign in fails, display a message to the user. If sign in succeeds
                    // the auth state listener will be notified and logic to handle the
                    // signed in user can be handled in the listener.
                    if (!task.isSuccessful()) {
                        Toast.makeText(getApplicationContext(), "Authentication failed.",
                                Toast.LENGTH_SHORT).show();
                    } else {
                        startActivity(new Intent(SignupActivity.this, MainActivity.class));
                        finish();
                    }
    
                    // ...
                }
            });
    
  • 登录用户:

    auth.signInWithEmailAndPassword(email, password)
            .addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
                @Override
                public void onComplete(@NonNull Task<AuthResult> task) {
                    Log.d("COMPLETE", "signInWithEmail:onComplete:" + task.isSuccessful());
                }
            });
    

我收到了AuthListener,并告诉我用户已登录。

  • AuthListener:

    mAuthListener = new FirebaseAuth.AuthStateListener() {
            @Override
            public void onAuthStateChanged(@NonNull FirebaseAuth firebaseAuth) {
                FirebaseUser user = firebaseAuth.getCurrentUser();
                if (user != null) {
                    // User is signed in
                    Log.d("TAG", "onAuthStateChanged:signed_in:" + user.getUid());
                } else {
                    // User is signed out
                    Log.d("TAG", "onAuthStateChanged:signed_out");
                }
                // ...
            }
        };
        // ...
    
  • 读取测试:(我在数据库中手动添加了一个节点)

    firebase.child("test").addValueEventListener(new ValueEventListener() {
    
        @Override
        public void onDataChange(DataSnapshot snapshot) {
            Log.d("result", snapshot.getValue()+"");
        }
    
        @Override
        public void onCancelled(FirebaseError error) {
            Log.d("The read failed: ", error.getMessage());
        }
    });
    
  • 撰写测试:我希望主节点users包含两类用户:devsemployers

    Firebase usersRef  = firebase.child("users").child("devs");
        FirebaseUser user = auth.getCurrentUser();
    
    Map<String, String> userMap = new HashMap<String, String>();
    userMap.put("name", "blabla");
    userMap.put("city", "Brussels");
    
    Map<String, Map<String, String>> users = new HashMap<String, Map<String, String>>();
    users.put(user.getUid().toString(), userMap);
    usersRef.setValue(users);
    
  • 日志:

    D/AUTH LISTENER: onAuthStateChanged:signed_in:wnomkwiOWOb4wNNLSsrWeT5xxUq1
    D/USER_CREATE: createUserWithEmail:onComplete:true
    I/AppCompatViewInflater: app:theme is now deprecated. Please move to using android:theme instead.
    D/ACTION BAR?: android.support.v7.app.ToolbarActionBar@36c3cd2a
    W/SyncTree: Listen at /test failed: FirebaseError: Permission denied
    D/The read failed:: Permission denied
    D/FirebaseAuth: Notifying listeners about user ( wnomkwiOWOb4wNNLSsrWeT5xxUq1 ).
    D/FirebaseAuth: Notifying listeners about user ( wnomkwiOWOb4wNNLSsrWeT5xxUq1 ).
    D/FirebaseApp: Notifying auth state listeners.
    D/FirebaseApp: Notified 0 auth state listeners.
    D/AUTH LISTENER: onAuthStateChanged:signed_in:wnomkwiOWOb4wNNLSsrWeT5xxUq1
    D/FirebaseApp: Notifying auth state listeners.
    D/FirebaseApp: Notified 0 auth state listeners.
    D/AUTH LISTENER: onAuthStateChanged:signed_in:wnomkwiOWOb4wNNLSsrWeT5xxUq1
    D/COMPLETE: signInWithEmail:onComplete:true
    

我使用公共权限进行了这两项测试(写:true,读取:true)并且它正在运行,因此我的身份验证必定存在问题。我可能误解/遗漏了一些东西但却没有真正看到究竟是什么。如果有人想开导我会很好!

2 个答案:

答案 0 :(得分:3)

您将旧的Firebase SDK与新的Firebase SDK混合使用。从build.gradle中删除firebase-android-sdk 2.5.2并更新导入以使用新的DatabaseReference类而不是Firebase类。

答案 1 :(得分:0)

我正在使用com.google.firebase:firebase-admin:6.5.0。我在Firebase中设置了以下规则。

{
  "rules": {
    ".read": true,
    ".write": true
  }
}

我还是得到

  

PersistentConnection:pc_0-身份验证失败:Permission_denied   (访问被拒绝。)。