实时数据库规则语言中的Firebase速率限制 [英] Firebase Rate Limiting In Realtime Database Rules Language

问题描述

我目前正在尝试通过检查上一个帖子的时间戳，然后向其添加+ 60秒，然后检查它是否小于当前Firebase Server时间戳(现在)，来实现速率限制. 它总是以某种方式返回true并授予访问权限?！

以下是我的规则:

I am currently trying to implement rate limting by checking the timestamp of the last post and then add + 60sec to it and then check if it is smaller(<) then the current Firebase Server Timestamp(now). It somehow always returns true and grants access ?!

These are my Rules:

{
  "rules": {
        "posts": {
        ".read": true,
            ".write": 
"(root.child('users').child(auth.uid).child('lastPost').val() + 60) < now"
      }
  }
}

这是我的数据库结构

This is my database structure

{
    "posts": {
        "-KV70ppGGTEtXY4_Q4UC": {
            "author": "abcdedef-uid-ojifgoöifjgssgd",
            "description": "Thats the post description",
            "title": "Thats the post title"
        }
    },
    "users": {
        "2uy7323nTodMHcVxeEDJzoexH302": {
            "canPost": true,
            "email": "cryptic.pug@firebase.com",
            "lastPost": 14776667681,
            "profile_picture": "https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/photo.jpg",
            "username": "Cryptic Pug"
        }
    }
}

推荐答案

感谢您的线索弗拉基米尔！

Thanks for your Clue Vladimir!

因为我还没有找到这种解决方案的任何软件，所以我想在这里正式分享答案:

As I haven't found this kind of soulution anyware I would like to share the answer here officially:

    {
  "rules": {
        "posts": {
        ".read": true,
            ".write": 
"(root.child('users').child(auth.uid).child('lastPost').val() + 60000) < now"
      }
  }
}

说明:

当用户发布某些内容时，您总是将值firebase.database.ServerValue.TIMESTAMP的数据库中的值更新为用户信息. 在您读取的规则语言中，从要发布的用户中读出最后发布的时间戳(在FB规则语言中为auth.uid)，并添加60秒(* 1000，因为Firebase在其时间戳中使用毫秒)，这将是允许用户再次发布的时间.然后检查当前服务器时间戳是否高于(<)，高于允许用户再次发布的时间.

When a user posts something you always update the Value in the Database with the Value of firebase.database.ServerValue.TIMESTAMP to the user information. In the Rule language you read the Timestamp of the Last Post is read out of the user who wants to post (auth.uid in FB Rule Language) and add 60 seconds (*1000 as Firebase uses Milliseconds in it's timestamp), which would be the time when the user would be allowed to post again. And Then check if the current server timestamp is higher (<) than the time the user is allowed to post again.

希望它可以帮助您，Happy Coding-做Firebase 3天，很棒！

Hope It helped you guys, Happy Coding - Doing Firebase for 3 days and it's great!

这篇关于实时数据库规则语言中的Firebase速率限制的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！