从Cloud函数将用户身份验证传递给Firestore [英] Pass user auth to Firestore from Cloud functions

问题描述

因此，我正在尝试使用Cloud函数构建一个http终结点.仅在用户登录后才调用此云函数.因此，我可以传递用户令牌并在服务器端进行验证.我知道该怎么做.

So I'm trying to build an http endpoint using a Cloud function. This cloud function is only invoked after the user signs in. So I can pass the user token and verify it on the server side. I understand how to do this.

我的Firestore集合上也有安全规则，并使用request.auth.uid设置了授权规则.如果我使用Firebase Web sdk，这也适用.

I also have security rules on my Firestore collections with authorization rules set up using request.auth.uid. This also just works if I use the firebase web sdk.

但是我的问题是-如何通过云功能使用相同的授权规则?我不想为http端点单独重写我的身份验证逻辑.

But my question is - how do I use the same authorization rules via cloud functions? I don't want to rewrite my auth logic separately for the http endpoint.

推荐答案

安全规则仅适用于从Web和移动SDK进行的访问.它不适用于使用任何服务器SDK的代码，包括Firebase Admin SDK以及将与Cloud Functions一起使用的任何代码.在将数据添加到Firestore之前，您必须应用自己的逻辑来检查数据的有效性.实时数据库和云存储安全规则也是如此.

Security rules only apply to access from web and mobile SDKs. It does not apply to code using any of the server SDKs, including the Firebase Admin SDK and anything you would use with Cloud Functions. You will have to apply your own logic to check the validity of data before it's added to Firestore. The same is true for Realtime Database and Cloud Storage security rules.

这篇关于从Cloud函数将用户身份验证传递给Firestore的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！