Menu
I want to make an online password saver app for Android using Firebase. Firebase's docs tell me about authentication and CRUD methods, but I can't find anything on allowing users to create private data only accessible by them. How can I do this? Or where can I find this information?
719
The Firebase Database has a flexible rules-based security model. See the documentation for all details.
When you combine it with Firebase Authentication, you'll be able to do user based authentication.
The simplest possible example from that doc:
{
"rules": {
"users": {
"$uid": {
// grants write access to the owner of this user account
// whose uid must exactly match the key ($uid)
".write": "$uid === auth.uid"
}
}
}
}
But I'd recommend reading that documentation for full details.
113
You can use rules to allow users to store private data, after authenticate the user, create a private path starting with the unique user id. Suppose you have the following json structure
{
"users" : {
"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee" : {
//private data of user with unique id "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
},
"ffffffff-gggg-hhhh-iiii-kkkkkkkkkkkk" : {
//private data of user with unique id "ffffffff-gggg-hhhh-iiii-kkkkkkkkkkkk"
}
}
}
You must allow only the right user to read and write the folder, even create the path if it doesn’t exist. The rules can be as follow:
{
"rules": {
"users":{
".write": "newData.hasChild(auth.uid)", //you can write only if you put your data inside a path starting with your id
"$uid":{
".read":"$uid == auth.uid" //only the right user can read the data
}
}
}
}
answered Sep 19 '25 19:09
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With