I know this is slightly off-topic but I’m hoping someone can help.
I want users to be able to read/write data from Firebase without having to sign in using an email address. For my meal planning app, I’d like to generate a random User ID (I’ve already done that) and then have the app sync to the Firebase node with that value. That’s working fine with the test rules that Firebase sets by default (which are wide open). How do I change them to protect users more?
Here’s my Firebase structure:
I’m saving the User ID (e.g.
3362-6163-7471-6933-91) in a Stored variable on the device. So when the app loads, it uses that same User ID every time. But how do I ensure that that particular user has access to only that node, in this case
/Users/3362-6163-7471-6933-91/ and not all of
It looks like this might be a good place for me to start… not sure: