在firebase函数onFinalize中获取uid以进行firebase存储 [英] Get uid in firebase function onFinalize for firebase storage
问题描述
我使用 firebase JS sdk 将音频文件上传到 firebase-storage.发生这种情况时,我需要根据经过身份验证的用户进行上传来处理它(我将它上传到其他地方进行处理).这意味着我需要在通过存储规则验证后访问 uid,以确保其安全.
I use the firebase JS sdk to upload audio files to firebase-storage. When this happens I need to process it based on the authenticated user doing the uploading (I upload it somewhere else for processing). This means I need to have access to the uid after it has been validated by storage rules, to keep it safe.
在研究这个问题时,我发现了一些变通方法,例如使用元数据发送用户的 ID 令牌,但我认为这是一个坏主意,因为它可能被滥用.
While researching this I found workarounds such as using the metadata to send the user's ID token but in my opinion this is a bad idea as it's possible to abuse.
我发现 这个问题 这也正是我的问题.我链接的问题现在已经有一年多了,所以我认为值得再问一次.
I found this question which is pretty much exactly my question as well. The question I linked is now over a year old, so I thought it's worth asking again.
我认为的主要原因是因为存储规则确实可以访问 uid (https://firebase.google.com/docs/storage/security/user-security).如果我可以使用那里的 uid 来允许/禁止访问,我认为也可以在我的 onFinalize 触发器中访问 uid.我似乎无法找到方法.
The primary reason I think that, is because of storage rules, which do have access to the uid (https://firebase.google.com/docs/storage/security/user-security). If I can use the uid there to allow/disallow access I assume it's also possible to access the uid in my onFinalize trigger. I just can't seem to find how.
推荐答案
云存储事件不保留用户上下文;但是,当与规则一起使用时,您不一定需要发送整个 ID 令牌才能验证用户.您可以改为设置 uid 元数据项:
Cloud Storage events do not retain user context; however, you don't necessarily need to send the whole ID token to be able to verify the user when used in conjunction with rules. You could instead set a uid metadata item:
ref.updateMetadata({customMetadata: {uid: currentUser.uid}});
并在规则中检查:
match /files/{fileName} {
allow update: if resource.metadata.uid == request.auth.uid;
}
这样,UID 就可以保证与用户的匹配,并且您可以从函数中访问它.
This way, the UID is guaranteed to match the user's and you can access it from the function.
这篇关于在firebase函数onFinalize中获取uid以进行firebase存储的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
