Firebase: Customized Authenication For Each Application In The Same Project

May 19, 2024 Post a Comment

My problem is my project has 2 application. One application just run in a specific mobile device which we known, it interact with firebase without authenication. The another is run

Solution 1:

You cannot secure database access to allow a specific app or a specific device. See How to prevent other access to my firebase.

But a device can easily be mapped to belong to a specific user, if you use Firebase Authentication. You could even use anonymous authentication if you don't want to require that the user signs in. With Firebase Authentication each user has a unique user id (UID in Firebase terms). And when you know the UID for the user, you can secure access to the database based on that UID.

An example from a recent project:

Baca Juga

{
  "rules": {
    ".read": true,
    ".write": "auth != null && 
               root.child('config/whitelist').child(auth.uid).exists()"
  }
}

So here, we allow writing if the signed-in user's UID is present under a node /config/whitelist. E.g.

config
   whitelist
     "jn0BrHQqUEYSjqvqfqzbJTMOlZ82": true"ytEtWqOfLkRk3OUjTKBtZnTehZc2"true

Android Tech Blog

Firebase: Customized Authenication For Each Application In The Same Project

Solution 1:

Post a Comment for "Firebase: Customized Authenication For Each Application In The Same Project"