如何使Firebase Functions充当用户而不是管理员? [英] How to make Firebase Functions act as a user instead of being an admin?

问题描述

我的客户端应用程序正在通过Firebase Functions创建的API访问Firestore.但是，Firebase函数会导入firebase-admin，它会绕过所有定义的安全规则.我有什么办法可以使我的HTTP触发Function充当特定用户(例如，通过将访问令牌从客户端传递到服务器)，从而使Function也可以在Firebase Functions的影响下工作.

My client app is accessing to Firestore through API created by Firebase Functions. However, the Firebase Functions imports firebase-admin which bypass all the defined security rule. Is there any way I can make my HTTP triggers Function to act as a specific user (for example, by passing an access token from client to server), so that the Functions works under influence of Firebase Functions as well.

推荐答案

当前无法执行此操作.用于节点的Firestore SDK无法以特定的经过身份验证的用户来限制其对数据库的访问.

There is currently no way to do this. The Firestore SDK for node doesn't have a way of scoping its access to the database as a particular authenticated user.

请注意，这与Realtime Database SDK不同，后者允许您查看一个uid .

Note that this is different than the Realtime Database SDK, which does allow you to scope to a uid.

这篇关于如何使Firebase Functions充当用户而不是管理员?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！