没有认证，任何用户如何在Firebase中安全地写入我的数据库? [英] How can any user write to my database securely in Firebase without Auth?

问题描述

因此，如果我有一个不需要登录/身份验证的电子商务应用程序，并且我的用户在商店购物，那么在验证交易后，后端会将订单写入数据库中.

So if I have an E-commerce App that doesn't require Login/Auth, and my users buy in the store, then after verifying the transaction the backend writes the order in the database.

问题在于，我的实时数据库仅依靠Stripe事务密钥(即某人已经支付了某项费用)就可以在DB上进行写操作，因为我的规则已设置为任何人都可以写，否则我将需要用户登录，但这不是我想要的.

The thing is that my Realtime Database just relies on Stripe transaction key (i.e, someone has paid for an item) to be able to write on the DB, because my rules are set so anyone can write, otherwise I would need every user to log in, but that's not what I want.

Firebase最近通知我，我的规则很弱.

Firebase recently notified me that my rules are weak.

如何如何确保我的用户无需登录/验证即可以安全的方式为我的应用写入数据库?

How can a make sure my users are able to write to my database in a secure way for my app, without log in/Auth?

推荐答案

Firebase可以使用多种安全模型，了解每种模型提供的安全级别很重要.

There are many different security models you can use with Firebase, and it's important to understand the level of security each provides.

要研究的一件事是匿名身份验证，它可以让您在不实际要求用户提供任何凭据的情况下认证"用户.这样可以确保在多次读/写之间使用同一设备.

One thing to look into is anonymous auth which lets you "authenticate" a user without actually requiring them to provide any credentials. This provides a way to guarantee that the same device is being used between multiple reads/writes.

在您的特定情况下，听起来您可能正在寻找依赖不可猜测的标记.只要密钥足够复杂以至于无法猜测，这对于某些用例来说就是一个有效的安全模型.

In your specific case, it sounds like you might be looking to rely on unguessable tokens. This can be a valid security model for some use cases so long as the key is sufficiently complex as to be unguessable.

在最基本的情况下，为不可猜测的URL构建安全规则的方式类似于:

At its most basic, the way you'd structure security rules for unguessable URLs is something like:

{
  "rules": {
    "transactions": {
      "$key": {
        ".read": true,
        ".write": true
      }
    }
  }
}

这允许用户在以下位置读取/写入特定节点: transactions/abc123xyzunguessable ，但重要不允许读取/写入父 transactions 节点.安全性来自这样一个事实，即只有最初获得了不可猜测的令牌的人将来才能够再次提供它.

This allows users to read/write specific nodes at e.g. transactions/abc123xyzunguessable but importantly does not allow reading/writing to the parent transactions node. Security comes from the fact that only the person who originally got the unguessable token will be able to provide it again in the future.

更好的实现方法是在符合预期的不可猜测格式的 $ key 上进行写操作，添加验证和其他读/写规则以确保数据格式正确，并且还可能防止修改键字段.

A better implementation would gate writing on the $key matching the expected unguessable format, adding validation and other read/write rules to ensure that the data is formatted appropriately, and probably also prevent modification of key fields.

这些只是一些指针，但应该对您有所帮助.重要的是要确保您从不将重要信息保留在可以通过容易猜到的URL读取的位置.

These are just some pointers but should help you on your way. The important thing is to make sure that you never leave important information in a place where it can be read through easily guessable URLs.

这篇关于没有认证，任何用户如何在Firebase中安全地写入我的数据库?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！