From the course: Firebase Essential Training
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Modify Firestore security rules - Google Cloud Tutorial
From the course: Firebase Essential Training
Modify Firestore security rules
- [Instructor] So before we actually get started implementing the email verification flow, in order for this whole thing to even be worth doing in the first place, we need to actually prevent users whose emails have not been authenticated from accessing data in the Firestore. And in order to do this, there's just one fairly simple change we have to make to the security rules for our project. So let's open up our Firebase console and head over to Firestore and then we'll go to the Rules tab. And then we're going to modify our security rules so that will only allow users to access our Firestore if they're both offed, and if their email address has been verified. And here's what that'll look like. We're going to say that we want to allow the user to read if requests.auth.id does not equal null. And if request.auth.auth.token.email_verified, is equal to true. All that'll do is test that the user who's making this request…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
What are Cloud Functions?2m
-
(Locked)
Add Cloud Functions to a project4m 45s
-
(Locked)
Write Cloud Functions in ES6+ syntax10m 33s
-
(Locked)
Build an email verification flow3m 9s
-
(Locked)
Modify Firestore security rules1m 8s
-
(Locked)
Create temporary users10m 57s
-
(Locked)
Verify temporary users2m 44s
-
(Locked)
Send emails with nodemailer7m 33s
-
(Locked)
Send emails from Cloud Functions58s
-
(Locked)
Verify users with Cloud Functions6m 11s
-
(Locked)
Demonstrate the verification flow3m 20s
-
(Locked)
Cloud Functions pricing1m 41s
-
-
-
-
-
-