我有一个经过身份验证的用户,该用户通过使用 FirebaseSimpleLogin 进行身份验证。该用户拥有 token :
'user':{
email: "<a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="cfa2b6aaa2aea6a38fa6a1bbaabda1aabbbce1aca0a2" rel="noreferrer noopener nofollow">[email protected]</a>",
firebaseAuthToken: SOME TOKEN,
"id: "4",
isTemporaryPassword: true,
md5_hash: "aHash123",
provider: "password",
uid: "simplelogin:4"
}
我已在 Firebase 的“规则和安全”选项卡下授予经过身份验证的用户读取权限,使用方法:
{
"rules": {
"SOME DATA": {
".read": "auth.email == '<a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="6c011509010d05002c050218091e0209181f420f0301" rel="noreferrer noopener nofollow">[email protected]</a>'",
".write": true
}
}
}
但是,当访问数据时,我收到错误:
Error: permission_denied: Client doesn't have permission to access the desired data.
我是否遗漏了一些关于为什么我没有读取权限的基本信息?
最佳答案
在 firebase 的安全规则部分,我犯了一个错误。
{
"rules": {
"SOMEDATA": { //NOTE: removal of space character
".read": "auth.email == '<a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="83eefae6eee2eaefc3eaedf7e6f1ede6f7f0ade0ecee" rel="noreferrer noopener nofollow">[email protected]</a>'",
".write": true
}
}
}
经验教训:规则非常具体,并始终遵循一些约定。
关于firebase - 经过身份验证的用户无权访问 Firebase 中存储的数据,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28288744/