Firebase数据库 - 与在客户端暴露uid相关的风险? [英] Firebase Database - Risks associated with exposing uid on the client side?
问题描述
简短的问题:如果我在客户端暴露其他用户的UID,有什么风险/问题?
我的情况:
I建立一个测试的Android应用程序,需要能够让用户foo请求授权以便2)访问用户A的私人数据。
我不知道这是不是一个呃的事实,但我似乎无法在Firebase上发现任何关于不要暴露UID 。我一直在浏览用户安全部分和Firebase的聊天示例演示,而通常的做法似乎是将授权用户的uid创建为共享或授权字段。我的问题主要是关于第一步。
{
users:{
uid_of_user_a :{
requests:{
-KeXTQeFJ2gAiaazteO1:{
requestUid:uid_of_user_foo,
targetUid:uid_of_user_a,
timeStamp:123456
$ b $ $ $ $ $ $ $
$ b 我的想法是这样的。
$ b
-
请求字段的规则是对
uid_of_user_a的用户是可读/写的,只有当用户
在与uid_of_user_a相匹配的targetUid中推送时,用户A才具有验证的用户。
在客户端,用户A具有附加参考的onChildEventListener到这个领域。当客户端收到onChildAdded回调时,会显示一个对话框并要求确认。客户端从请求消息中检索请求者的uid,并将其推送到授权字段
-
用户A的私有数据可以被授权字段中列出的uid读取。
问题:需要将其他用户的uid公开给客户端。这种方法类似于在电话上呼叫某人,呼叫方必须先知道接收方的电话号码。所以,在没有真正发出电话号码和电子邮件的情况下,某人必须以某种方式了解UID,以便甚至能够传递信息并要求获取可分享的数据,对吗?......但是,我的直觉手段似乎有些不足。 >
我是新来的firebase数据库和一般的用户身份验证,所以请原谅我的法语:)预先感谢所有的大师。
一个UID只是一个字符串。没有任何信息。秘密信息是用户的密码(您永远不会看到)以及他们的临时验证令牌(一小时后过期)。 SDK将自动刷新该令牌。
如果您的安全规则设置正确,则没有问题。如果一个用户知道另一个用户的UID,那么如果你的规则不允许,那么第一个用户就不会影响第二个用户的数据。您可能希望将有关用户的公共和私人信息分隔为Short question(s): What are the risks/problems if I expose another users' UID on the client side?
My circumstance:
I'm building a test android app that needs to be able to let 1) user foo request authorization in order to 2)access user A's private data.
I don't know if it is a "duh" fact, but I just can't seem to find any warning on Firebase about "DON'T EXPOSE UID". I've been skimming on the user-security section and Firebase's chat example demo, and the common approach seems to create a field "share" or "authorized" with the authorized user's uid as true. My question is primarily about the first step. Below is a snippet of my data structure.
{
"users" : {
"uid_of_user_a" : {
"requests" : {
"-KeXTQeFJ2gAiaazteO1" : {
"requestUid" : "uid_of_user_foo",
"targetUid" : "uid_of_user_a",
"timeStamp" : 123456
}
}
}
}
}
My thinking is this.
The rules for the request field is it is read/write for user with
uid_of_user_a, and writable for any authenticated users only if such user
push in the targetUid that matches uid_of_user_a.
On the client side, user A has a onChildEventListener attached with a reference to this field. When the client receives a onChildAdded callback, a dialog shows up and asks for confirmation.
If confirmed, the client side retrieves the requester's uid from the request message, and pushes it to the "authorized" field
user A's private data can then be readable by the uid listed in the authorized field.
Problem: Exposing another user's uid to the client is required. This method is comparable to like calling someone on a phone, the caller has to know the receiving end's phone number first. so, without actually giving out phone numbers and email, someone has to know the UID somehow in order to even get a message across and ask to get shareable data, right?.... but, my intuitive approach seems iffy.
I'm new to firebase database and user-authentication in general, so pardon my french :) Thanks in advance to all the gurus out there.
解决方案 A UID is just a string. There's no information in it. The piece of secret information is the user's password (which you can never see) and their temporary authentication token, which expires after an hour. The SDK will automatically refresh that token.
If your security rules are properly set up, there is no problem. If one user knows another user's UID, there's nothing the first user can do to affect the data of the second user if your rules don't allow it. You may want to separate public and private information about users into separate locations so they can have separate security rules, if that's what you need.
If for some reason you still think that the UID needs to be kept secret, you can generate a different UUID or something to identify the user and use that instead, but I don't know what extra security that will provide.
这篇关于Firebase数据库 - 与在客户端暴露uid相关的风险?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
