I can't seem to get my database rules to work, when they require authentication.
The user is logged in using JavaScript, and then the database is updated via PHP / REST request using firebase-php.
PHP:
$firebase = new \Firebase\FirebaseLib('https://AppNameGoesHere.firebaseio.com/');
$data = array(
'field1' => $response_array['field1'],
'field2' => $response_array['field2'],
'field3' => $response_array['field3']
);
$firebase->set('users/' . $response_array['userID'], $data)
The $response_array
is an array from an HTML form. $response_array['userID']
is the Firebase user uid.
These rules work (no auth):
{
"rules": {
"users": {
"$uid": {
".read": true,
".write": true
}
}
}
}
These, with auth, don't work:
{
"rules": {
"users": {
"$uid": {
".read": "auth.uid === $uid",
".write": "auth.uid === $uid"
}
}
}
}
Error:
{ "error" : "Permission denied" }
Any suggestions?