
Security Rule

allow read: if request.auth.token.client == true;

Once the client logs in to the website, and then when I delete that client account from the Firebase console, the website doesn't log out the client automatically (I am working on this), so the client still has the option to fetch data from Firestore using the website. Technically, the client should not be able to fetch the data from Firestore because of the security rule and because the client account doesn't exist, but this is not the case.

I have tested it out with the Firebase emulator. Is there something I am not seeing?

Ibrahim Ali
    The token issued to the client expires after 1 hour. It will be valid that entire time, but it can't be refreshed after the account is deleted. – Doug Stevenson Mar 11 '23 at 15:23
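
The behaviour described in the comment above, as an added example that is not part of the original question or comment: a small JavaScript model (not Firebase SDK code) of a rule that checks only token claims, next to a variant that also requires a server-side client record. The uid, the function names and the record set are constructed for illustration.

```javascript
// Constructed model (not Firebase SDK code): all names below are hypothetical.
const HOUR = 3600; // ID token lifetime in seconds, per the comment above

// Auth backend: issues tokens only for accounts that still exist.
function issueToken(accounts, uid, now) {
  if (!accounts.has(uid)) return null; // refresh fails once the account is deleted
  return { uid, client: accounts.get(uid).client, iat: now, exp: now + HOUR };
}

// Rule as posted: looks only at the claims inside a non-expired token.
function ruleAsPosted(token, now) {
  return token !== null && now < token.exp && token.client === true;
}

// Hardened variant: also requires a server-side record for the uid, the
// idea behind an exists() check on a per-client document in Firestore rules.
function ruleWithRecordCheck(token, now, clientDocs) {
  return ruleAsPosted(token, now) && clientDocs.has(token.uid);
}

function timeline() {
  const accounts = new Map([["uid-123", { client: true }]]); // constructed sample
  const clientDocs = new Set(["uid-123"]);
  const token = issueToken(accounts, "uid-123", 0); // t = 0: login

  accounts.delete("uid-123");   // t = 10 min: admin deletes the account
  clientDocs.delete("uid-123"); // and removes the client record

  const t30 = 30 * 60; // token still inside its one-hour lifetime
  const t61 = 61 * 60; // token expired, client must refresh
  return {
    postedAt30: ruleAsPosted(token, t30),
    hardenedAt30: ruleWithRecordCheck(token, t30, clientDocs),
    refreshAt61: issueToken(accounts, "uid-123", t61),
    postedAt61: ruleAsPosted(token, t61),
  };
}

console.log(timeline());
```

The claims-only rule keeps granting reads until the token expires, while the record check denies as soon as the server-side record is gone.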
