Firebase Auth Tutorial #16 - More on Firestore Rules
Рет қаралды 41,427
5 жыл бұрынHey ninjas, in this episode we'll talk a little bit more about Firebase Firestore rules and how to use them to secure our user data.
VUE & FIREBASE FULL COURSE - www.udemy.com/build-web-apps-...
----------------------------------------
🐱💻 🐱💻 Course Links:
+ Course files - github.com/iamshaunjp/firebas...
+ VS Code editor - code.visualstudio.com/
+ Firestore Playlist - • Firebase Firestore Tut...
+ Materialize Playlist - • Materialize Tutorial #...
🤑🤑 Donate
+ www.paypal.me/thenetninja
🎓🎓 Find me on Udemy
+ www.udemy.com/user/47fd83f6-5...
@sst8872 5 жыл бұрын
Thank you so much Master Ninja. "Reading tremendous docs" isn't enough to make one a great master like you. Thanks again Master. Sincerely, Song.
@lukasluftlaufer1093 2 жыл бұрын
Thanks Shaun for helping me learn exactly the right stuff for my next gig! You are awesome!
@Cho1279624 5 жыл бұрын
The more on Firestore Rules, the less on my fear of them! Thank you:)
@reycoseguma2184 4 жыл бұрын
This section answers all my questions. Thanks.
@AbhishekKumar-mq1tt 5 жыл бұрын
Thank u for this awesome video and series
@erniea5843 4 жыл бұрын
That simulator to test the rules is a great tool!
@ParasBansal10 3 жыл бұрын
Thank you so much. You are awesome.
@lrajoo11 2 жыл бұрын
super useful, thanks!
@SofianMW 4 жыл бұрын
great, thanks!
@enmanuelr7 3 жыл бұрын
The first rule allows any logged user to create a new user document through the console and this is not secure because your database can be filled with junk data and who knows what other things. I wonder if we can implement a more secure rule... Anyway thank you for this awesome content!
@errinwright 2 жыл бұрын
What would be your suggestion??
@Nobody-df7vn 8 ай бұрын
I guess we have to use cloud function instead?
@bartoszsowa5140 2 жыл бұрын
firestore rules!!!!
@sebastianbjerkan 4 жыл бұрын
How can I make it so the logged in user can only see the documents they have created themselves and the documents an admin has created?
@satyamgupta756 3 жыл бұрын
Awesome. One thing, The allow create only has 1 rule that user must be logged in that means a logged in user can create as many documents in users collection as he wants, with different ids ofcourse. Isn't this a issue. Instead we could use the read rule with the came create method so user will be able to create only 1 document with his id. 🤔
@ezstartup-team 3 жыл бұрын
Can I use uerID in firebase make it sync to MySQL with Django (purpose want to use user in Firebase can create, modify and delete data in MySQL by defining funtion userID), or possible way to make it works please reply me.
@digitalsignage6930 4 жыл бұрын
What is request.auth.uid? Do we have to send it ourselves? or the firebase sends it to the firestore after we log in.
@sourcecaster Жыл бұрын
What if I log in and them manually start adding some gibberish to users collection (since I'm allowed to create documents there). How can I prevent it?
@theprantadutta 4 жыл бұрын
what am i getting this error: TypeError: doc.data(...) is undefined
@leonvanrijswijk8409 5 жыл бұрын
At the end of the vid it is saying 'missing permissions' in the console. Why is that?
@vd853 5 жыл бұрын
For the last part of the video, your client query must include both the collection name AND document id. For example, in Angularfire.. db.collection('YOUR COLLECTION NAME').doc('YOUR ID').get().subscribe(e=>
@janedwardbanag8296 4 жыл бұрын
@@vd853 how ? i used Firebase: allow read: if request.auth.uid == userId; it shows Missing permission. but !=null works
@mdridoy-ef2pw 3 жыл бұрын
@@janedwardbanag8296 you didn't define what userId is...it would be recognized if you write something like this: match users/{userId} { allow read : if request.auth.uid == userId } here the userId in the curly braces represent each document id in the users collection. And now firestore recognizes the userId in your rool. It works like a parameter just like you use in a javascript function.
@cloudark3766 3 жыл бұрын
Hi all... The rules don't seem to work for me. Shaun says that with the rules it means that only the author of the guide can read their own guide:- allow read: if request.auth.uid == userId; However for me, any user can see all the guides. Here are my rules:- //match logged in user doc in users collection match /users/{userId} { allow create: if request.auth.uid != null; allow read: if request.auth.uid == userId; } The only difference I have is that at the top of my Firestore rules I have this:- rules_version = '2'; I'm wondering, has something now changed in the Firestore Rules that means the above no longer works?
@amyra98 3 жыл бұрын
//match logged in user doc in users collection match /users/{userId} { allow create: if request.auth.uid != null; allow read: if request.auth.uid == userId; }
@madhupatel4484 3 жыл бұрын
Thank you 🙃
@nostalgicboy.studio 4 жыл бұрын
After setting those rules, account details are not showing up. PLEASE HELP But record of BIO is created.
@igdev6095 3 жыл бұрын
are u fixed that?
@fazminmarzook621 3 жыл бұрын
You might have created that account before BIO was created. Try signing in a new user with a bio.