0

I decided to use Firebase in an old objectiv C iOS app.

I installed what I needed following the instructions given here: Add Firebase to your iOS app right after login into Firebase. Then I followed the instructions given here: https://firebase.google.com/docs/database/ in order to work with a database.

At this point it basically works, I can write some data. Nevertheless I have this issue about the Rules settings.

I followed the information given here: https://firebase.google.com/docs/database/security/quickstart

But if I set my rules like this:

{
  "rules": {
    ".read": true,
    ".write": true
  }
}

it works as expected. On the other hand, if I set them like this:

{
  "rules": {
    ".read": "auth != null",
    ".write": "auth != null"
  }
}

which is the default and should allow me to write data from my app, it does not work.

What is the problem?

Michel
  • 10,303
  • 17
  • 82
  • 179
  • It sounds like the user is not signed in. – cartant Jan 30 '17 at 05:15
  • OK. It sounds like I did not fully understand what I read. Actually reading again I can see that you are right. I would like my app (but only this app) to be able to access the DB for writing and reading, whoever the user is, but I would also like to do this without requesting the user to login. Is this possible? – Michel Jan 30 '17 at 05:55
  • Access is granted to users, not to a specific app. See http://stackoverflow.com/questions/18005984/how-to-prevent-other-access-to-my-firebase – Frank van Puffelen Jan 30 '17 at 06:00

2 Answers2

1

If you don't want the user to login, you could automatically authenticate the user anonymously.

Authenticate with Firebase Anonymously on iOS

Then you could use:

{
  "rules": {
    ".read": "auth != null",
    ".write": "auth != null"
  }
}
Spri
  • 97
  • 1
  • 2
0

After reading your comment in reply to cartant,it is clear that you want to allow your app users to access your database for reading and writing , without need of signing in.

I would also like to do this without requesting the user to login. Is this possible?

YES

It is possible to allow your users to access your DB without any signing process.

Actually

{
  "rules": {
    ".read": true,
    ".write": true
  }
}

this rule says that you are providing read and write permission to your user without signing in.

On the other hand

{
  "rules": {
    ".read": "auth != null",
    ".write": "auth != null"
  }
}

in this rule you are mentioning that your authentication ("auth != null")has to be performed before granting the read , write permissions to your user.

So to accomplish your goal just use the default rule i.e rule without authentication.

Vishal Sonawane
  • 2,637
  • 2
  • 16
  • 21
  • Indeed, and as mentioned in the starting post I already have this working. But in this case I am giving full access to the whole word. That is a bit too much. Just one note: THIS IS NOT the default rule. – Michel Jan 30 '17 at 06:45