skip to Main Content

How do we authenticate the app to the Firestore? (not using service account), because when service account have conflicts when security rules which needs authenticate. When I’m switching to production mode and perform a query I got this message

enter image description here

This is the rules that is set in the production mode

match /{document=**} {
   allow read, write: if request.auth!=null;
}

match /projects/{document=**} {
   allow read, write;
}

And this is my code. This code only works in the test mode how do I make this work in the production mode?

public function __construct(){
    global $key;
    $this->firestore = new FirestoreClient([
    'keyFilePath' => $key,
    'projectId' => 'test-4c1ff'
  ]);
}

2

Answers


  1. If you are using https://github.com/kreait/firebase-php/, the documentation shows how to initialize Firebase Authentication, and then sign-in with one of the many supported providers.

    Once you’re signed in, the authentication information is securely passed with your requests to the database and you can then access it as request.auth in your security rules as shown here.

    Login or Signup to reply.
  2. You need to authenticate your PHP app first to the Firebase in order your App to make a request.

    To do that, follow this quick solution which I recently discovered.

    1. First You must create your own authentication email and password in your Firebase Authenticate Console.

    2. Install this package on your App:

    composer require kreait/firebase-php

    1. Once you are done installing the package, you may proceed here.
    use KreaitFirebaseFactory;
    use KreaitFirebaseAuth;
    use KreaitFirebaseAuthSignInResult;
    
    $key = ""
    $factory = (new Factory)
    ->withServiceAccount($key)
    ->withDatabaseUri('Your Firebase Database URi');
    $auth = $factory->createAuth();
    
    $email = "Your Email";
    $password = "Your Password";
    $signInResult = $auth->signInWithEmailAndPassword($email, $password);
    
    

    note: Remember, this is only static and you have to make the entire function to make this more dynamic.

    Now you can make a request to the firebase without getting block by the security rules.

    Reference:

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search