In a quick search I realized that my problem with Firebase Authentication is a common problem for many users who have complained for over 2 years! Maybe the complaints weren't clear so I'll try to be detailed in explaining the problem.
I would like to have the same firestore data for the same user regardless of the authentication method used by him. For example email and password, Facebook, Google or GitHub. The only information that is common to all these services is the email address.
I can't use the UserID because firebase creates one for each authentication method.
When creating a security rule so that a user cannot see the data of another, the sentence "request.auth.token.email" is only fed when the "email and password" method is used, generating most of the problems.
Example of rule that doesn't work with google, facebook, etc:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /user/{email}/{documents=**} {
allow read, write, get: if request.auth != null && request.auth.token.email == email;
}
}
}
Could someone from the Firebase team help us?
I just tested this on a project of my own and whether the user.email property gets populated (and thus is available in your security rules) depends on the One account per email address setting:
user.email property. If you want to allow a single user to be able to sign in from multiple providers with the same email address, you'll want to look at the documentation on linking accounts in this case. That will also then allow you to base your security rules on UIDs, as the linked accounts will all have the same UID.user.email property won't be populated, and thus also won't be available in security rules.With a HT to this old question/answer:
Not getting the email using Google Authentication in Firebase