I want something like this:
firebase.auth().currentUser.canWrite();
This should return true
or false
based on the security rules I have made in Firebase Console.
First you need to restrict access to your realtime database using custom claims and security rules (since by default, you restrict or allow read/write permissions for all users).
Then, on the client, check that a given user has access to the db by parsing the id token and checking the custom claims (refer to example in section "Access custom claims on the client" from the link above. Example is written in JS, but there should be no problem converting it to e.g. Swift). Further, you could easily wrap this functionality (check for valid claims) in your own canWrite()
extension on the FIRUser
object which returns true or false depending on if token has the correct claims.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With