如何允许我的Unity应用程序在没有用户帐户且没有公共访问权限的情况下访问Firebase实时数据库? [英] How can I allow my Unity app access to a Firebase realtime Database without user accounts and without public access?

问题描述

我正在使用Firebase Unity SDK(5.4.3).我需要该应用程序才能访问实时数据库.当我将访问权限配置为公共时，一切正常，但是我需要保护数据库的安全性，以便只能通过该应用程序进行读取/修改.

I am using the Firebase Unity SDK (5.4.3). I need the app to access a Realtime Database. Everything works fine when I have access configured to public, but I need to secure the database so it can only be read/modified through the app.

我按照此处的说明进行操作: https://firebase.google.com/docs/database/unity/start 用于允许编辑器配置SDK以使用服务帐户在Unity编辑器中运行".这允许Unity编辑器访问数据库，但是在设备上不起作用.有用于验证用户身份的说明，但是我不希望在应用程序中进行任何形式的登录.

I followed the instructions here: https://firebase.google.com/docs/database/unity/start for allowing the Editor to "configure the SDK to use a service account to run in the Unity Editor." This allows the Unity editor to access the database, but this does not work on device. There are instructions for authenticating users, but I do not want any sort of log in in the app.

简而言之，我该如何允许通过该应用访问，但不允许在该应用外部访问.我可以在设备上使用服务帐户吗?该如何配置?

In short, how can I allow access through the app but disallow access outside of the app. Can I use a service account on device and how do I configure that?

谢谢.

推荐答案

如 Doug Stevenson 所说， ;您要么具有公共登录名，要么具有受身份验证的受限登录名.

As said by Doug Stevenson it is not possible; you either have a public login or a restricted one with authentication.

但是我只需要一个专门的用户(例如myUnityAppUser)和一个密码(例如). 123456在脚本中定义的某个位置，或者某个位置的其他加密文件.

However I would Simply have one dedicated user like myUnityAppUser with a password like e.g. 123456 somewhere defined in a script or maybe an additional encryption file somewhere.

然后自动进行登录，而无需用户交互->发送userName + password.密码仍然可以加密等，但这可以由应用程序本身处理，而无需您主动进行Everytime登录

Then do the login automatically without user interaction -> send userName+password. The password could still be encrypted etc but this can all be handled by the App itself without you actively doing the login Everytime

比您进行常规登录(例如， (

Than you make a usual login like e.g. (Source)

public void Login(string email, string password)
{
    auth.SignInWithEmailAndPasswordAsync(email, password).ContinueWith(task =>
    {
        if (task.IsCanceled)
        {
            Debug.LogError("SignInWithEmailAndPasswordAsync canceled.");
            return;
        }
        if (task.IsFaulted)
        {
            Debug.LogError("SignInWithEmailAndPasswordAsync error: " + task.Exception);
            if (task.Exception.InnerExceptions.Count > 0)
                UpdateErrorMessage(task.Exception.InnerExceptions[0].Message);
            return;
        }

        FirebaseUser user = task.Result;
        Debug.LogFormat("User signed in successfully: {0} ({1})",
            user.DisplayName, user.UserId);

        SceneManager.LoadScene("LoginResults");
    });
}

现在，您只需在应用程序中的某个位置调用

Now somewhere in your app you simply call

Login ("myUnityAppUset@some.email", "123456");

具有某种方式的硬编码"(也许已加密?)凭据.

with the somehow somewhere "hardcoded" (maybe encrypted?) credentials.

请注意，仍有可能有人反编译该应用程序并再次作弊.

Note that it is still possible that someone decompiles the app and can cheat again.

这篇关于如何允许我的Unity应用程序在没有用户帐户且没有公共访问权限的情况下访问Firebase实时数据库?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！