我是Firebase的新手,现在我想尝试使用Firestore php SDK并实现firestore身份验证规则。下面的当前代码可以正常工作
use Google\Cloud\Firestore\FirestoreClient;
$db = new FirestoreClient();
$db->collection('mycollectionname')
->document('mydocumentname')
->set(['name'=>'aaa','value'=>'111');
Firestore身份验证规则
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
// before change
allow read, write: if true;
// after change
allow read, write: if request.auth.uid != null;
}
}
}
将 true 更改为 request.auth.uid!= null 后,它给我错误:
{ "error": { "code": 403, "message": "Missing or insufficient permissions.", "status": "PERMISSION_DENIED" } }
我可以弄清楚如何获取用户数据,例如:电子邮件和密码或用户ID令牌,如何使用用户数据解决上述错误?
答案 0 :(得分:0)
我刚刚发现它,可能对任何人都有用。
在文件use Google\Cloud\Firestore\Connection\Grpc
上
我做了一些更改:
......
......
private function addRequestHeaders(array $args)
{
$args += [
'headers' => []
];
$args['headers']['google-cloud-resource-prefix'] = [$this->resourcePrefixHeader];
///////// CODE THAT I ADD ///////////
if(session('user_token'))
{
$args['headers']['Authorization'] = ['Bearer '.session('user_token')];
}
///////// CODE THAT I ADD ///////////
// Provide authentication header for requests when emulator is enabled.
if ($this->isUsingEmulator) {
$args['headers']['Authorization'] = ['Bearer owner'];
}
return $args;
}
使用laravel,我检查了会话,并在标头上添加了Bearer令牌。在上面的示例之后,我在使用Firestore函数之前添加了一个会话
use Google\Cloud\Firestore\FirestoreClient;
/// adding session
session(['user_token'=>'eyJhbGciOiJSUzI1................']);
$db = new FirestoreClient();
$db->collection('users')
->document('test@gmail.com')
->set(['name'=>'aaa','value'=>'111');
在auth规则中,我还可以根据用户的电子邮件名称制定文档规则,在该规则中,可以使用之前添加的令牌ID获得用户的电子邮件。示例:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /users/{email} {
allow read, write: if email == request.auth.token.email;
}
}
}