How to use Firebase Authentication without making users log in every time

Time: 2020-12-24 00:15:16

Tags: firebase authentication firebase-authentication firebase-security

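I have been using Firebase Authentication to authenticate users by phone number in an iOS app. I now don't want them to log in every time, because that is annoying for users, so I tried using the iPhone's built-in storage to cache the user's phone number, to remember whether the user has logged in in the past. The problem is that some of my queries don't seem to work when my Firebase rules are as follows: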

    match /{document=**} {
      allow read, write: if request.auth.uid != null;
    }

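I don't fully understand where this auth.uid is obtained in the iOS app or how it is sent, but it seems that when I skip the whole authentication/login phase for users who have logged in in the past, it sometimes doesn't work here, usually when many days have passed between uses. I am asking here to see whether there is something I have to do to refresh the auth token in the iOS app itself, so that an expired token is not used when making queries, or whether there is a better way to allow skipping login without these problems. I have been able to get it to work by changing my security rules to just allow everyone to read/write, but I don't like this solution because it is very insecure.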

The current authentication works like this:

    // Auth with completion handler (requires: import FirebaseAuth)
    func authorizePhoneNumber(_ completion: @escaping (Bool) -> ()) {
        self.code = verificationTextField.text!.trimmingCharacters(in: .whitespacesAndNewlines)

        let credential = PhoneAuthProvider.provider().credential(withVerificationID: self.id, verificationCode: self.code)

        Auth.auth().signIn(with: credential) { (res, err) in
            if err != nil {
                print("$In wrong sms code")
                self.msg = "Incorrect SMS code provided. Re-send code if error persists."
                self.showError(self.msg)
                completion(false)
                return
            }
            // Authorized successfully
            UserDefaults.standard.set(true, forKey: "status")

            NotificationCenter.default.post(name: NSNotification.Name("statusChange"), object: nil)
            if self.existing_user == false {
                // URL for making the POST request
                let url = URL(string: Constants.NodeServer.add)!
                // JSON that will be passed in as the HTTP body
                let json: [String: Any] = [:] // Create some object (contents elided in the original post)
                // Creating a session object
                let session = URLSession.shared
                // Creating the request object with the URL object
                var request = URLRequest(url: url)
                // Declaring the method to be POST
                request.httpMethod = "POST"

                do {
                    request.httpBody = try JSONSerialization.data(withJSONObject: json, options: .prettyPrinted)
                } catch let error {
                    self.showError(error.localizedDescription)
                    completion(false)
                    // Stop here so the request is not sent and completion is not called twice
                    return
                }

                // HTTP headers
                request.addValue("application/json", forHTTPHeaderField: "Content-Type")
                request.addValue("application/json", forHTTPHeaderField: "Accept")

                // URL data task
                let task = session.dataTask(with: request) { (data, response, error) in
                    guard error == nil else {
                        print("Error accessing datbase")
                        self.showError("Error Accessing Database")
                        completion(false)
                        return
                    }
                    guard let data = data else {
                        print("Error accessing Data")
                        self.showError("Error Accessing data")
                        completion(false)
                        return
                    }

                    do {
                        print("In do statement data is: ", data)
                        guard let responseJSON = try JSONSerialization.jsonObject(with: data, options: .mutableContainers) as? [String: Any] else {
                            print("Failed to serialize JSON")
                            DispatchQueue.main.async {
                                self.showError("Unable to access servers at this time!")
                            }
                            completion(false)
                            return
                        }
                        // Successfully added user!
                        print("Added user successfully!")
                        print(responseJSON)
                        self.docID = (responseJSON["id"] as! String)
                        completion(true)

                    } catch _ {
                        DispatchQueue.main.async {
                            self.showError("Error accessing Response Object")
                        }
                        completion(false)
                        return
                    }
                }
                task.resume()

            } else {
                completion(true)
            }

        }

    }
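
As an added example that is not part of the original question and not code from the Firebase project: one way to decide at launch whether the login screen can be skipped is to ask the Firebase SDK for its restored user instead of trusting a flag in UserDefaults, so that queries are sent with a valid ID token and the `request.auth.uid != null` rule can stay in place. `SessionState` and `resolveSession` are hypothetical names, and the code assumes `FirebaseApp.configure()` has already been called.

```swift
import Foundation
import FirebaseAuth

// Hypothetical names (not from the question): SessionState, resolveSession.
enum SessionState {
    case signedIn(uid: String)   // session restored and ID token refreshed
    case needsLogin              // no Firebase user: show the SMS flow
    case refreshFailed(Error)    // user present, but refresh failed (e.g. offline)
}

/// Decides at launch whether the login screen can be skipped, based on the
/// Firebase session itself rather than on the cached "status" flag.
/// Assumption: FirebaseApp.configure() has already run.
func resolveSession(_ completion: @escaping (SessionState) -> Void) {
    // The SDK restores a previously signed-in user across launches. If it
    // is nil, requests carry no ID token and request.auth is null in rules.
    guard let user = Auth.auth().currentUser else {
        UserDefaults.standard.set(false, forKey: "status")
        completion(.needsLogin)
        return
    }

    // Force one round trip so a stale or revoked session shows up here
    // rather than as a permission error on the first query.
    user.getIDTokenForcingRefresh(true) { _, error in
        DispatchQueue.main.async {
            if let error = error {
                // Leave the decision (retry, or sign out and re-verify)
                // to the caller; do not silently treat the user as signed in.
                completion(.refreshFailed(error))
                return
            }
            UserDefaults.standard.set(true, forKey: "status")
            completion(.signedIn(uid: user.uid))
        }
    }
}

// Usage at app start (the handler bodies are placeholders):
// resolveSession { state in
//     switch state {
//     case .signedIn(let uid):      print("skip login for", uid)
//     case .needsLogin:             print("show phone verification")
//     case .refreshFailed(let err): print("retry later:", err.localizedDescription)
//     }
// }
```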

0 answers:

No answers