认证后无法从Firebase读取数据 [英] Can't read data from Firebase after authentication

查看:130
本文介绍了认证后无法从Firebase读取数据的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

你好我是新来的Firebase,我正在尝试开发一个简单的聊天应用程序。
到目前为止,我已经按照Firebase文档中的步骤进行了身份验证。



这是我的登录方法

  loginUser:function(){
 console.log(Login button); 
 var self = this; 
 ref.authWithOAuthPopup(github,function(error,authData){
 if(error){console.log(Login Failed!,error);} 
 else {
 console.log(authData); 
 ref.child(users)。child(authData.uid).set({
 auth:authData.auth,
 provider:authData。提供者,
名称:authData.github.displayName,
 imgUrl:authData.github.profileImageURL,
 token:authData.token 
}); 
 self.user。 name = authData.github.displayName; 
 self.user.imgUrl = authData.github.profileImageURL; 
 self.user.provider = authData.provider; $ b $ setTimeout(function(){self。 ); 
 this.getContacts(); 
} 
},{
记住:sessionOnly,
范围:用户
}); 
 
 
 
 
 $ b $这是getContacts方法(我试图安慰快照,但我什么都没有)
 $ b $ pre $ getContacts:function(){
 console.log('GET CONTACTS'); 
 var self = this; 
 //检索所有用户,但不知何故,这个请求不会执行
 ref.child('users')。once('value',function(snapshot){
 var contacts (snapshot); 
 console.log(contacts); 
(联系人中的联系人){
 self.contacts.push({
 id:contact,
 name:contacts [contact] .name,
 imgUrl:contacts [contact] .imgUrl,
 provider:contacts [contact] .provider 
}); 
} 
}); 
 
 $ / code $ / pre 
 $ b $ p这些是安全规则
 
 
  {
rules:{
users:{
$ uid:{
 // //写入写入访问这个用户帐户的所有者,其UID必须与密钥($ uid)
.write:auth!== null&& auth.uid === $ uid,
 //授予所有使用GitHub 
.read:auth!== null&&auth.provider ==='github'
} 
 
 
 
 
 $ b我必须提到我正在使用Vuejs 
解决方案
您正在授予访问特定用户的权限: / users / $ uid 。但是为了能够针对Firebase中的节点运行查询,您必须具有对该节点的读取访问权限。因此,Firebase会拒绝您的查询,因为您无权访问 / users 。该文档涵盖了规则不是过滤器 。很多人遇到这个问题,因为这是关系数据库中非常普遍的做法。 规则不是过滤器,而且权限级联下降,是最常见的两种在这种情况下,您可能希望授予所有用户访问整个 / users  node,所以你可以将读权限上移一级: 
 
 
  {
rules: {
 //授予对使用GitHub 
.read登录的用户的读访问权限:auth!== null&& auth.provider ==='github'
users:{
$ uid:{
 //授予对uid必须与$($ uid)
完全匹配的用户帐户所有者的写入权限。写:auth!== null&& auth.uid === $ uid,
} 
} 
} 
  
有了这个每个github认证的用户,都可以读取所有用户,因此查询不会被拒绝。
 
 
 
在其他情况下,您可能必须建立不同的数据模型来处理您想要的安全限制。
 
Hello guys I'm new to Firebase and I am trying to develop a simple chat app.
So far I have got the authentication done following the steps on the Firebase documentation.



This is my login method
loginUser: function(){
        console.log("Login button");
        var self = this;
        ref.authWithOAuthPopup("github", function(error, authData) {
            if (error) { console.log("Login Failed!", error);} 
            else {
                console.log(authData);
                ref.child("users").child(authData.uid).set({
                    auth : authData.auth,
                    provider : authData.provider,
                    name : authData.github.displayName,
                    imgUrl : authData.github.profileImageURL,
                    token: authData.token
                });
                self.user.name = authData.github.displayName;
                self.user.imgUrl = authData.github.profileImageURL;
                self.user.provider = authData.provider;
                setTimeout(function(){ self.authenticated = true; }, 2000);
                this.getContacts();
            }
        },{ 
            remember : "sessionOnly", 
            scope: "user"
        });

    }

and this is the getContacts method (I tried to console the snapshot but I got nothing)
    getContacts: function(){
        console.log('GET CONTACTS');
        var self = this;
        //retrieving all the user, but for somehow this request doesn't execute
        ref.child('users').once('value',function(snapshot){
            var contacts = snapshot.val();
            console.log(contacts);
            for(var contact  in contacts){
             self.contacts.push({
                id: contact,
                name: contacts[contact].name,
                imgUrl: contacts[contact].imgUrl,
                provider: contacts[contact].provider
             });
            }
        });
    }

these are the security rules
{
  "rules": {
    "users": {
      "$uid": {
        // grants write access to the owner of this user account whose uid must exactly match the key ($uid)
         ".write": "auth !== null && auth.uid === $uid",
         // grants read access to any user who is logged in with GitHub
         ".read": "auth !== null && auth.provider === 'github'"
       }
     }
 }

I have to mention that I'm using Vuejs
 解决方案 
You're granting access to specific users: /users/$uid. But to be able to run a query against a node in Firebase, you must have read access to that node. So Firebase rejects your query, because you don't have access to /users. The documentation covers this in the section "rules are not filters". Many people run into this problem, since this is a very common approach in relational databases. The fact that rules are not filters and that permissions cascade down, are the two most common pitfalls of the Firebase security model.



In this case you'll likely want to grant all users access to the entire /users node, so you can just move the read permission up one level:
{
  "rules": {
   // grants read access to any user who is logged in with GitHub
   ".read": "auth !== null && auth.provider === 'github'"
    "users": {
      "$uid": {
        // grants write access to the owner of this user account whose uid must exactly match the key ($uid)
         ".write": "auth !== null && auth.uid === $uid",
       }
     }
 }

With this every github-authenticated users, can read all users and thus the query will not be rejected.



In other cases you may have to model your data differently to work with the security constraints that you want.


                        
这篇关于认证后无法从Firebase读取数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
相关文章
前端开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆