I'm learning to create a simple application using Angular by utilizing firestore realtime database.
Here is the query that I use to retrieve data
let query = this.firestore.collection('notes', ref => ref
.where('noteUser', '==', this.data['id'])
.where('noteStatus', '==', 0)
.orderBy('noteUpdateAt', 'desc')
);
let dataNew0 = query.valueChanges({ idField: 'id' });
dataNew0.subscribe(ss => {
this.myDataNote = ss;
});
Everything went smoothly when I used the default firestore rules settings.
When I want to use it in production mode, I change the rules to be like this as in the documentation:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null
}
}
}
The question is: How do I apply the user id when get data into the request.auth variable so that it is read by firestore rules settings.
As explained in the doc on Security Rules, the request.auth variable contains the authentication information for the client requesting data if your app uses Firebase Authentication.