How to store data per user and prevent others to see them

Question

I wonder if it's possible to have the following things with Firebase:

• handle several users in a Firebase application
• a user can signup using OAuth2 and external providers like Google
• each user has its own set of data
• other users can't see the data of a specific user

Firebase would be used from a frontend Web application without server-side application.

Thanks very much for your help.

Answer 1

I think that all of your requirements are met.

See the docs: https://www.firebase.com/docs/security/guide/user-security.html

With a slight modification your security rules can be as follow:

{
  "rules": {
    "users": {
      "$user_id": {
        // grants write access to the owner of this user account
        // whose uid must exactly match the key ($user_id)
        ".write": "$user_id === auth.uid",
        ".read": "$user_id === auth.uid"
      }
    }
  }
}