0

My problem is my project has 2 application. One application just run in a specific mobile device which we known, it interact with firebase without authenication. The another is run in many mobile devices, it must sign-in into firebase to communicate each other.

So, what I want to do is how to configure database rule in firebase to 2 app can use the same the database? Thank everyone very much! Appologize for my bad english.

Tran Hay
  • 11
  • 1
  • set that device's unique device id in firebase databse and give that id permission. – Divyesh Patel Mar 04 '17 at 10:14
  • Thank for your suggestion. But I still don't find the way to set that device's unique device id in firebase databse. May you help me? I'm working that project for my final thesis. Thank you very much – Tran Hay Mar 04 '17 at 10:21

1 Answers1

0

You cannot secure database access to allow a specific app or a specific device. See How to prevent other access to my firebase.

But a device can easily be mapped to belong to a specific user, if you use Firebase Authentication. You could even use anonymous authentication if you don't want to require that the user signs in. With Firebase Authentication each user has a unique user id (UID in Firebase terms). And when you know the UID for the user, you can secure access to the database based on that UID.

An example from a recent project:

{
  "rules": {
    ".read": true,
    ".write": "auth != null && 
               root.child('config/whitelist').child(auth.uid).exists()"
  }
}

So here, we allow writing if the signed-in user's UID is present under a node /config/whitelist. E.g.

config
   whitelist
     "jn0BrHQqUEYSjqvqfqzbJTMOlZ82": true
     "ytEtWqOfLkRk3OUjTKBtZnTehZc2" true
Community
  • 1
  • 1
Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807