没有用户名和密码的Firebase身份验证
[英]Firebase Authentication without Username and Password
问题描述
I am using Firebase and I am Login with the FIREBASE_TOKEN and put in the Firebase Rules the following: 
我正在使用Firebase,并使用FIREBASE_TOKEN登录,并将以下内容放入Firebase规则中:
{
"rules":
{
".read": false,
".write": false,
}
}
So just the connections with the Token can read write in the Database. 因此,只有与令牌的连接才能在数据库中进行读写操作。 My purpose is to make it easy for the users to login , but I need to use another authentication maybe Unique phone ID so users will not able to read unless the UniqueId is presented in the Database? 我的目的是使用户易于登录,但是我需要使用其他身份验证(也许是唯一的电话ID),这样除非数据库中显示UniqueId,否则用户将无法读取? what's the best solution to do it? 最好的解决方案是什么? and if UniqueId how to register them in the rules? 如果UniqueId如何在规则中注册它们? Thank you 谢谢
2 个解决方案
解决方案1
2 2016-08-04 11:21:47
I'm not entirely sure what you're asking for. 我不确定您要的是什么。 But if none of the existing identity providers satisfy your needs, you can create a custom provider and use that custom provider in your Android app . 但是,如果没有一个现有的身份提供程序可以满足您的需求,则可以创建一个自定义提供程序,然后在您的Android应用中使用该自定义提供程序 。 This will give you full control over how your user signs in and what information about the user is then available in the auth variable in the security rules. 这将使您可以完全控制用户的登录方式,然后可以在安全规则的auth变量中找到有关该用户的哪些信息。
解决方案2
1 已采纳 2016-08-04 10:08:23
{
"rules": {
".read": "auth != null",
".write": "auth != null"
}
}
Above rules define every one can access database who have authenticated any of the singed method which provide by google, Like using facebook, google, anonymous, etc, I think this is good for security purpose. 上面的规则定义了每个人都可以访问通过了google提供的任何一种方法的身份验证的数据库,就像使用facebook,google,anonymous等一样,我认为这对安全性是有好处的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.