Pyrebase auth

Sadaka Technology sersadaka1 at outlook.com
Sat Dec 26 07:03:40 EST 2020


I am using signup method:

user_signup = auth.create_user_with_email_and_password(email, password)

and my firebase rules are:

{
  "rules": {
    ".read": false,
    ".write": false,
      "$localId":  {
        ".write": "auth.uid === $localId",
        ".read": "auth.uid === $localId"
      }      
  }
}

I used:

data = {"item1":"hat","item2":"car"}
results = db.child("users").update(data, user['idToken'])

the only way to patch (update) is to use:
    ".read": true,
    ".write": true,

which means that anyone can read or write in my database where I only want the user to write or read if his idtoken or localid is authorized, even if data is outside his region for ex:

database:

"number_of_users":"2"

"userlocalid":
         {"item1":"hat"}
         {"item2":"car"}


More information about the Python-list mailing list