firebase data-rules Could not parse auth token

Question

I tried

https://recipes-fe1ba.firebaseio.com/products.json?auth' + token

And in firebase rules , I tried

 "products" : {
   ".read": "auth != null",
    ".write": "auth != null"
 }

NOT working event after I sent actual NOT null token. It throws 401 with below error object .

      { "error" : "Could not parse auth token." }

Can somebody highlight on this ?

I need help also on how to read my own query parameter in firebase data rules For example: if i hit

https://recipes-fe1ba.firebaseio.com/products.json?mypara1=1234

in data rules,something like

{".read": "mypara1 != 1235"}

Currently stuck and no clue how to do this.

Please limit yourself to one question per post. I answered your second question below. — Frank van Puffelen, Oct 12 '19 at 14:09

Frank van Puffelen · Answer 1 · 2019-10-13T13:36:32.543

0

For your second question: the only ways you can pass in data to security rules is through the path that you read, and through the auth token of the user. There is no way to pass custom parameters into security rules through the URL like you're trying.

The typical approach is to pass them into the path instead. So something like:

https://recipes-fe1ba.firebaseio.com/products/mypara1_1234.json

edited Oct 13 '19 at 13:36

answered Oct 12 '19 at 14:09

Frank van Puffelen

565,676
79
828
807

Thanks Frank . If I fire the url like the req suggested by you, it says to append ".json" in the end. https://recipes-fe1ba.firebaseio.com/products.json/mypara1_1234.json it throws the error as below if I append it { "error" : "Invalid path: Invalid token in path" } if i change the url to https://recipes-fe1ba.firebaseio.com/products/mypara1_1234.json it returns me empty (null) result – Abhishek Oct 13 '19 at 10:38
There's nothing magic about the path that we add here, so it of course has to exist in your database too. As said: there's no way to pass the extra data into the token, so you'll have to it into the path (and make sure your database has the data at that path). – Frank van Puffelen Oct 13 '19 at 13:38

score 0 · Answer 2 · answered Oct 13 '19 at 02:22

0

"products" : {
   ".read": "auth != null",
    ".write": "auth != null"
 }

remove single cotes from auth

answered Oct 13 '19 at 02:22

Arup

54
1
8

Thanks Arup. The single quotes were by mistake while posting the question. The code is not having the single quotes – Abhishek Oct 13 '19 at 10:35

firebase data-rules Could not parse auth token

2 Answers2