Advanced examples of using Cloud Firestore Security Rules
Articles:
- Basic examples of using Cloud Firestore Security Rules
- Advanced examples of using Cloud Firestore Security Rules
In the previous article, I presented some basic examples of using Cloud Firestore Security Rules. Now I will show and explain more advanced examples: building a condition from token information, comparing incoming data with stored data, and using time in conditions.
Advanced conditions with the request
In the previous article I showed how to use the request object to get the uid of the requesting user. Now I’m going to show more of the properties available on an incoming request.
You can use the syntax request.auth.token to get the JWT token and extract some useful information from it. The Firebase JWT token consists of the following values:
- name — user’s display name
- sub — user’s Firebase uid
- email — email address
- email_verified — information about the verified e-mail address
- firebase.identities — map of user identities
- firebase.sign_in_provider — user’s provider name
Access for users with a verified email
match /posts/{postId} {
  allow write, read: if request.auth.token.email_verified;
}
Tip: Change your condition to request.auth != null && request.auth.token.email_verified to make sure that the Simulator won’t show you an error when invoking a request without authentication.
Access for users with a specific email
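match /posts/{postId} {
  // matches() tests the whole string, so the pattern includes "@";
  // ".*google[.]com" would also accept user@notgoogle.com.
  allow write, read:
    if request.auth.token.email.matches(".*@google[.]com");
}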
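In this example, I wanted to show that you have access to the user’s email and that you can invoke some basic methods on a string: matches(), size(), split(), upper(), trim() and lower(). Use these methods to create more advanced conditions. An email condition is best combined with the email_verified check from the previous example, because an unverified address has not been confirmed to belong to the user.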
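The token checks above can be combined into one ruleset. The following is an added example, not code from the original article: the helper names signedIn(), verifiedEmail() and companyEmail() are hypothetical, and requiring the Google sign-in provider for writes is an assumed policy chosen to show firebase.sign_in_provider in use.

```firestore
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // Hypothetical helper: true only for an authenticated request.
    // Evaluated first so request.auth.token is never read when
    // request.auth is null.
    function signedIn() {
      return request.auth != null;
    }

    // Hypothetical helper: the user has confirmed the address in the token.
    function verifiedEmail() {
      return signedIn() && request.auth.token.email_verified;
    }

    // Hypothetical helper: matches() tests the whole string, so the
    // pattern is anchored at "@". Without it, an address such as
    // user@notgoogle.com would also pass. lower() normalises case.
    function companyEmail() {
      return verifiedEmail()
        && request.auth.token.email.lower().matches('.*@google[.]com');
    }

    match /posts/{postId} {
      // Any user with a verified address may read.
      allow read: if verifiedEmail();

      // Writes need a verified address in the domain and (assumed policy)
      // a sign-in through the Google provider.
      allow write: if companyEmail()
        && request.auth.token.firebase.sign_in_provider == 'google.com';
    }
  }
}
```

In the Simulator, try a request with no authentication, one with an unverified address, and one with an address such as user@notgoogle.com; each should be denied for writes.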