Firebase 实时数据库需要更好的规则 [英] Need a better rule for Firebase Realtime database

查看:34
本文介绍了Firebase 实时数据库需要更好的规则的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

<块引用>

[Firebase] 客户端访问您的实时数据库---------------"7 天前过期

您选择在测试模式下开始开发,这让您的 Realtime数据库实例完全对互联网开放.因为这个选择使您的应用程序容易受到攻击者的攻击,您的数据库安全规则配置为在前 30 天后停止允许请求.从 7 天前开始,所有客户端请求到您的实时数据库实例已被拒绝并将继续被拒绝,直到安全规则已更新.分析每天运行;如果你修改了您在过去 24 小时内的规则可能不会考虑这些更改

我仍在开发我的应用程序,这封电子邮件出现了......你能提出一个更好的规则吗......我的应用程序包含用户登录和注册以及重置名称、密码、电子邮件......

解决方案

如果你希望任何人都能够读取你的数据库但只有登录的用户才能写入,你可以使用这个:

<代码>{规则":{.read":真,.write":$user_id === auth.uid";}}

$user_id 来自您的用户 json.这个变量不需要被称为 $user_id.它可以是您的用户 json 中的任何变量.例如:

用户":{用户 ID":{姓名":John Doe",电子邮件":电子邮件@example.com",}}

如果您希望数据库只读,可以使用:

<代码>{规则":{.read":真,.write":假}}

您可以在数据库安全规则中阅读更多内容.>

[Firebase] Client access to your Realtime Database '---------------' expired 7 day(s) ago

You chose to start developing in Test Mode, which left your Realtime Database instance completely open to the Internet. Because this choice made your app vulnerable to attackers, your database security rules were configured to stop allowing requests after the first 30 days. Starting 7 day(s) ago, all client requests to your Realtime Database instance have been denied and will continue to be denied until security rules are updated. Analysis is run daily; if you've modified your rules in the last 24 hours those changes may not be accounted for.

I am still developing my app and this email shows up....can you please suggest a better rule..my app contains user log in and registration and reseting name, passowrd, email..

解决方案

If you want anyone to be able to read your database but only logged users to write, you can use this:

{
  "rules": {
    ".read": true,
    ".write": "$user_id === auth.uid"
  }
}

where $user_id comes from your user json. This variable doesnt need to be called $user_id. It can be any variable from your user json. ex:

"users" : 
    {
        "user_id":
        {
            "name":"John Doe",
            "email":"email@example.com",
        }
    }

If you prefer to have your database read only, you can use this:

{
  "rules": {
    ".read": true,
    ".write": false
  }
}

You can read more in Database Security Rules.

这篇关于Firebase 实时数据库需要更好的规则的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆