Menu
I'm trying to build a feature into my app to "share" data from one user to another. (Like sharing a Google Doc). I'm currently using Firebase Firestore for my database, and I don't have a server setup.
Both user A and user B have Firestore docs. Optimally, user A sends user B an airdrop or iMessage with a URI into my app. User B is greeted with a dialog to accept the request. Upon acceptance, both user A and user B can both read each others docs.
I was thinking of writing a URI something like this myapp://share?password=123, but I can't seem to figure out how to write the Firestore rules to accommodate it. The only ways I seem to be able to find to authenticate a user is through their UID or their email, but not through a password or other piece of secret information.
Is there a way to write Firestore rules to do this, or is there a better way to do this overall?
Thanks for any help!
374
asked Feb 26 '26 07:02
The simplest way to do this is to:
get in your security rules, not list.So say that your password/secret is correcthorsebatterystaple. That means the document is also named correcthorsebatterystaple.
Now if you implement these rules:
service cloud.firestore {
match /databases/{database}/documents {
match /{document} {
allow get: if true;
}
}
}
A user can only get a document if they know its ID, so in this case only if they know correcthorsebatterystaple.
Also see the Firebase documentation on granular operations in security rules.
140
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
