firestore身份验证规则:用于在客户端登录的Google

时间:2017-12-06 07:31:48

标签: json firebase firebase-authentication firebase-security google-cloud-firestore

我试图建立一个规则来获取火星数据,这可以通过谷歌签名的客户端访问。 所以我面临的问题是当我使用这条规则时

match /helpers/customer/data/{document=**}{
  allow read: if request.auth != null;
}

logcat中出现错误

  

onFailure处:   Errorcom.google.firebase.firestore.FirebaseFirestoreException:   PERMISSION_DENIED:权限丢失或不足。

它也仅在我使用

时起作用
match /helpers/customer/data/{document=**}{
  allow read: if true;
}

这意味着路径是写的。

GoogleSignInAccount acct = GoogleSignIn.getLastSignedInAccount(this);

    if(acct != null){
        Log.i(TAG, "onCreate: Database Working");
        mFirestoreDB
                .get()
                .addOnCompleteListener(new OnCompleteListener<QuerySnapshot>() {
                    @Override
                    public void onComplete(@NonNull Task<QuerySnapshot> task) {
                        if (task.isSuccessful()) {
                            for (DocumentSnapshot document : task.getResult()) {
                                Log.d(TAG, document.getId() + " => " + document.getData());
                            }
                        } else {
                            Log.d(TAG, "Error getting documents: ", task.getException());
                        }
                    }
                });
    }else{
        Log.i(TAG, "onCreate: Database not Working");
    }

我需要的是一条规则,我只允许Google用户登录。

1 个答案:

答案 0 :(得分:2)

使用Google登录不会自动使用Firebase对用户进行签名。在安全规则设置auth变量之前,您还需要使用Firebase身份验证对其进行签名。

来自Firebase documentation in signing in with Google

private void firebaseAuthWithGoogle(GoogleSignInAccount acct) {
    Log.d(TAG, "firebaseAuthWithGoogle:" + acct.getId());

    AuthCredential credential = GoogleAuthProvider.getCredential(acct.getIdToken(), null);
    mAuth.signInWithCredential(credential)
            .addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
                @Override
                public void onComplete(@NonNull Task<AuthResult> task) {
                    if (task.isSuccessful()) {
                        // Sign in success, update UI with the signed-in user's information
                        Log.d(TAG, "signInWithCredential:success");
                        FirebaseUser user = mAuth.getCurrentUser();
                        updateUI(user);
                    } else {
                        // If sign in fails, display a message to the user.
                        Log.w(TAG, "signInWithCredential:failure", task.getException());
                        Toast.makeText(GoogleSignInActivity.this, "Authentication failed.",
                                Toast.LENGTH_SHORT).show();
                        updateUI(null);
                    }

                    // ...
                }
            });
}

但我建议你阅读我链接的整个页面。