Expo and Firestore security rules

#1

I’m using expo and the firebase web sdk. Everything works fine in my app aslong as I leave the security rules as

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
     allow read, write: if true;
    }
  }
}

However when I try to implement the first rule stated in the firestore rules docs that should allow full access aslong as the user is authorised, I’m completely locked out from the database, despite being authorised inside the app.

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth.uid != null;
    }
  }
}

I am using the current users uid to post records to the database so I know I’ve definitely got some kind of authorisation.

Could the problem be possibly related to react native or even expo?

As far as I’m aware, the second rule stated above should work no problem.

Any input is greatly appreciated

1 Like
#2

Hey @ptgodz,

This would certainly fall in the scope of a Firebase issue, rather than an Expo one. Though I’m thinking it may just be a case of the rule not being correctly written. I’ve never worked with Firestore, only the RTDB, but it took me a while to really get a grasp on security rules. I would suggest really reading over security rules docs and perhaps perusing SO for content. Maybe someone else who has experience with FS rules can chime in as well.

Cheers,

Adam

#3

Hey @adamjnav. Thanks for replying

In regards to the firestore security rules. I just copied the most basic example from the latest documentation. Regardless of the collection or database, it will allow you to read and write if authorised.

You’re probably right that it’s unrelated to expo. I’ll do some more digging tomorrow and post back if I can come to a solution.

1 Like
closed #4

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.