0

Let's say I have a data structure like this: 

{
  "users" : {
    "google:1234567890" : {
      "displayName" : "Username A",
      "provider" : "google",
      "provider_id" : "1234567890"
    }, ...
  },
  "todos" : {
    "google:1234567890" : {
      "rec_id1" : {
        "todo" : "Walk the dog"
      },
      "rec_id2" : {
        "todo" : "Buy milk"
      },
      "rec_id3" : {
        "todo" : "Win a gold medal in the Olympics"
      }, ...
    }, ...
  }
}

And then I only allow the user to write/read it's own data with the following security rules:

{
  "rules": {
    "users": {
      "$uid": {
        // grants write and read access to the owner of this user account whose uid must exactly match the key ($uid)
        ".write": "auth !== null && auth.uid === $uid",
        ".read": "auth !== null && auth.uid === $uid"
      }
    },
    "todos": {
      "$uid": {
        // grants write and read access to the owner of this user account whose uid must exactly match the key ($uid)
        ".write": "auth !== null && auth.uid === $uid",
        ".read": "auth !== null && auth.uid === $uid"
      }
    }
  }
}

What happens if the user wants to change it's Authentication Provider for example from Google to Facebook as this would also change their auth.uid - is there a way to accomplish this without the user losing access to it's previous data?

Steffen
  • 2,197
  • 2
  • 24
  • 38
  • Similar discussions: [1](http://goo.gl/Yf37mN) [2](http://goo.gl/R374Qi) [3](http://goo.gl/TWgXkC) [4](http://goo.gl/81c0Cx) – Kato Mar 19 '15 at 21:30
  • @Kato: Thanks for the related discussions which I didn't see before. – Steffen Mar 22 '15 at 14:19

2 Answers2

0

You'd need a way for the application to identify that the Facebook and Google accounts are for the same user, e.g. by email address.

Once you have found that way, you can simply migrate the data over from one account to the other. See this answer for an example of how to do that: https://stackoverflow.com/a/29124564/209103

Community
  • 1
  • 1
Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
  • Thanks for your answer Frank. I didn't know it was that easy to update the an existing node for all it's childs. But to enable the user to login in with multiple accounts I think that I will prefer [this method](http://stackoverflow.com/questions/15148089/how-can-i-login-with-multiple-social-services-with-firebase/26653489#26653489) posted by @Kato. – Steffen Mar 22 '15 at 14:13
0

Instead of migrating the data I think that I will prefer this method which was posted by @Kato in the comments.

Let's say the user first signed up via his Google Account and then within the app he will have an option saying something like "Connect this app with Facebook".

If he does so I could add an additional userMappings child of the root which the user can only access if his current auth.id matches the child name. Within that I could store the (Google) user id which he used the first time.

The benefit of this would be that the user can add multiple auth providers.

Community
  • 1
  • 1
Steffen
  • 2,197
  • 2
  • 24
  • 38