What a clear explanation this was. Slow and clever. Thanks 😊

I love firebase security rules, easy to understand and simple to test

Very well explained.

I think there's a bug in this example: `allow create: if resource.data.ownerUID == request.auth.uid`. In a create scenario, resource will always be null and that rule will always throw an exception, resulting in permission denied. I think you want `request.resourse.data.ownerUID`.

Hello. What is the same way for Real Time Database?. Why all videos is only firestore?.

I watched this video earlier and found you were answering questions that I had in mind, and I didn't know your Firebase videos included explanations to further knowledge on your Firebase docs, so it's really good to get this practical side from you and I will definitely be looking out for more ... It was Todd's video on unit testing that had me seeking videos by Rachel ... I think to add to the learning that is intended, that screenshots of the Firestore environment could be included for an explanation of how the values in rules or within Firestore correspond ... Right now I'm at 4:47 and I have a question ... The rule says allow 'create' if the ownerUID of an existing todo-collection document matches the user-identity of the current user ... My question is, would this rule work? Because 'create' seems to initiate a new document, so then I expect there to not be an existing document that would be relevant, or, at the very first time this rule is run, I would expect there'd be no possibility of a corresponding document ... Am I correct in this view or is there something I have misinterpreted here please?

I learned more. Thanks a lot

At 5:14 I have just noticed something for the first time ... The get( ) call begins with the name of the collection and not with /databases/{database}/documents/ etc ... My question is, under which circumstances could I get away with making a get( ) call in this way please? When is it okay to leave out /databases/ etc. and if the collection within the get( ) call is a sub-collection, could that collection be stated without also stating its parent collection?

Just getting started with them (already behind the 8-ball as I developed app with auth barely in the back of my mind) ... this was great info. Going to catch some more videos before I embark ... and will still be ready to revamp as I get more familiar with it.

This video is great. Thank you.

Is there a way to create custom functions in rtdb rules as well? I have to repeat the same rules over and over again and my code is becoming a mess...

TIL , thank you

this video saved my life. nice tutorial

With Firebase auth, how can I make it where you only need to login to homepage to get same account logged in on different pages??

This was super informative!

Interesting ❤❤❤

Great video, this helps out a bunch! Thanks.

Question: I have used firebase for Unity extensively, within the Unity library you can import just firebase.authentication as a library and use it for authentication purposes. Now I am working on a python project using Django, and I want to use Firebase, I can see that there are some third-party libraries like pirebase, pirebase4 but no official firebase python library for authentication. Is the firebase_admin library a good choice? as it's available for python and does authentication.

It's almost impossible to not have a server. You will need to execute code elsewhere. That's where cloud functions come in.

I love you so muchhhhh

Thank you. However, is it possible to add a security rule which is only invoke when there is an attempt to update a particular field in a document?

You have to love Firebase ♥️

I m worried about firebase billing if my social media reached more then 1 million user 😭

hello sir, If i have a 'admin role' can read and write every documents, how can i write this role which overwrites other roles?