Menu
I would like make writes to my Firebase data from a node.js server but deny all writes to any other client. Any other client should only be allowed read access. What is the best approach for this? Would I need to authenticate from node.js server with a special admin account and setup a security rule for that specific account or is there some better way to accomplish this? Thanks!
492
public String getKey () Returns. The key name for the source location of this snapshot or null if this snapshot points to the database root.
Firebase Security Rules work by matching a pattern against database paths, and then applying custom conditions to allow access to data at those paths. All Rules across Firebase products have a path-matching component and a conditional statement allowing read or write access.
Just use firebase-admin on your server with a service account. It will have Administrative Privileges by default.
And for your rules, all you need is this:
{
"rules": {
".read": true,
}
}
or this if you only want logged in users to read
{
"rules": {
".read": "auth !== null",
}
}
In your node server use the Admin SDK to log in with service account
and in the database rules use this:
{
"rules": {
".write": "false"
".read": "true",
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
