【问题标题】:How do I make the Firebase Admin SDK account respect validation rules?如何使 Firebase Admin SDK 帐户遵守验证规则?
【发布时间】:2016-11-30 03:56:11
【问题描述】:

我有一个 node server 运行 firebase Admin SDK 并像这样进行身份验证:

 admin.initializeApp({
        databaseURL: 'https://brandonsCoolApp.firebaseio.com',
        credential: admin.credential.cert(firebaseCredentials),
 })


 // firebase security rules (abridged version; i have several validation rules)
    {
      "rules": {
        ".read": "auth != null",
        ".write": "auth != null"
      }
    }

这适用于正常操作。但是,它在 Firebase 安全/验证规则中获得特殊状态,并忽略所有规则。

我希望它尊重验证规则。所以,按照Firebase Docs,我尝试添加自定义auth.uid并调整我的安全规则:

 admin.initializeApp({
        databaseURL: 'https://brandonsCoolApp.firebaseio.com',
        credential: admin.credential.cert(firebaseCredentials),
        databaseAuthVariableOverride: {
          uid: "node-server"
        }
    })

// firebase security rules
{
  "rules": {
    ".read": "auth != null || auth.uid == 'node-server'",
    ".write": "auth != null || auth.uid == 'node-server'"
  }
}

// I also tried this version
{
      "rules": {
        ".read": "auth.uid === 'node-server'",
        ".write": "auth.uid === 'node-server'"
      }
    }

但是,当尝试在任意路径调用 update() 时,这会导致 PERMISSION_DENIED 错误:

FIREBASE WARNING: update at / failed: permission_denied
{ [Error: PERMISSION_DENIED: Permission denied] code: 'PERMISSION_DENIED' }

那么:我怎样才能说服我的坏男孩admin SDK server 改正并遵守规则?

【问题讨论】:

    标签: javascript firebase firebase-realtime-database firebase-authentication


    【解决方案1】:

    所以,我在上述验证规则的正确轨道上。我将PERMISSION DENIED 错误与身份验证错误混淆了,而实际上这与验证规则失败时收到的消息相同。

    这个init 代码最终成功了:

    admin.initializeApp({
            databaseURL: 'https://brandonsCoolApp.firebaseio.com',
            credential: admin.credential.cert(firebaseCredentials),
            databaseAuthVariableOverride: {
              uid: "node-server"
            }
        })
    
    // firebase security rules
    {
      "rules": {
        ".read": "auth != null || auth.uid == 'node-server'",
        ".write": "auth != null || auth.uid == 'node-server'"
      }
    }
    

    通过在调用update() 之前将update() 有效负载写入json,然后将json 内容复制/粘贴到firebase 规则模拟器中,我弄清楚了我的验证错误是什么。在那里,您可以逐行分析更新失败的原因。

    【讨论】:

      猜你喜欢
      • 2019-08-08
      • 1970-01-01
      • 1970-01-01
      • 2018-11-12
      • 1970-01-01
      • 2023-03-21
      • 1970-01-01
      • 2020-07-25
      • 1970-01-01
      相关资源
      最近更新 更多