Firebase rules for authenticated users?

Questions about Thunkable
1

I’ve read a bunch of posts here and elsewhere about Firebase rules but I can’t seem to get them to work for me.

Here are the rules I am trying to use:

// Checks auth uid equals database node uid
// In other words, the User can only access their own data

{
  "rules": {
    "posts": {
       "$uid": {
         ".read": "$uid === auth.uid",
         ".write": "$uid === auth.uid"
       }
     }
   }
}

I’d like to give a signed in user using this block access to only their stored data:

image
image960×256 23.9 KB

But I think the problem is that there is no $uid created by the SignUp block in the legacy interface.

So how should I adjust the rules?

Here’s how my Firebase database looks:

[database name]
     -[email address]
          -journal
                -[timestamp]
1 Like
2

You just need to call the sign in block after sign up.

1 Like
3

I use the SignIn block on a separate screen and I can successfully login as a user I created. But the user doesn’t have access to any of the data in Firebase from what I can tell.

4

What data are you trying to call (exact cloud variable path) and what exactly do your rules say?

5

Okay, I think I got it. For some reason, I was overlooking the green UserID block because I initially didn’t need it. But once I secured my rules, I did need it.

2 Likes