accessing email address in firebase rules

2018-06-30 04:24:04

This question already has an answer here:

How can we guarantee that the email saved by the Firebase user is indeed his own email? 1 answer

Firebase team is still working to provide the email in the auth object and you can find it with some limitations using auth.token.email in your rules . Please take a look in this post to get more details.

If the current firebase solution doesn't handle all your needs there is some options to workaround.

Since you want to keep your current /users structure you could, whenever registering a new user, link the user uid to the corresponding email in a new branch /user_emails that will simply store $uid: email . Then your rules will look like the following.

 "user_emails": { 
    "$uid": {
       ".write": "auth.uid == $uid",
       ".validate": "!root.child('Users').hasChild(newData.val())"
    }
  },
  "locations": {
    "$location": {      
      ".read":  "root.hasChild('users/' + root.child('user_emails').child(auth.uid).val() + '/locations/' + $location)"
    }
  }

Keep in mind that you will need to enhance them to ensure that only the right users will be able to edit this new user_emails branch.

链接地址: http://www.djcxy.com/p/84218.html

上一篇: Firebase错误：权限被拒绝。无法从Firebase数据库读取/写入

下一篇: 访问Firebase规则中的电子邮件地址