Header Ads

Python Django with Firebase : Pyrebase Configure Firebase Database Rules allow only authenticated users to read/write


In this post of Python Django with Google Firebase series i will show you "How to Configure Firebase database rules for Pyrebase library in django such that it will allow only authenticated users to Read/Write to database".



Why there is Firebase Database Rules :

Firebase Realtime Database provides a flexible, expression-based rules language with JavaScript-like syntax to easily define how your data should be structured, how it should be indexed, and when your data can be read from and written to. Combined with our authentication services, you can define who has access to what data and protect your users' personal information from unauthorized access.

Sample rules :

By default, your database rules require Firebase Authentication and grant full read and write permissions only to authenticated users. The default rules ensure your database isn't accessible by just anyone before you get a chance to configure it. Once you're set up, you can customize your rules to your needs. 

Default Rules :

Source : Firebase.google.com

We get these rules as default in our database and these rules require user authentication for accessing the Firebase database 

Public Rules :

Source : Firebase.google.com

Public rules are for testing purpose only, these rules just require Firebase config for accessing the Firebase database, till now in our series we are just using Public rules for accessing Firebase database.
So, now let's see how to configure database as default rules with Pyrebase library for allowing only authenticated users to Read/Write database.

Configure Pyrebase for Default Firebase Rules: 

 If you like videos like this consider donating $1, or simply turn off AdBlocker. Either helps me to continue making tutorials.

Transcript / Cheat Sheet:

For using default Firebase database rules with Pyrebase library we can optionally add a service account credential to our configuration that will allow our server to authenticate with Firebase as an admin and disregard any security rules.

import pyrebase

config = {
  "apiKey": "apiKey",
  "authDomain": "projectId.firebaseapp.com",
  "databaseURL": "https://databaseName.firebaseio.com",
  "storageBucket": "projectId.appspot.com",
  "serviceAccount": "path/to/serviceAccountCredentials.json"
}

firebase = pyrebase.initialize_app(config)



Adding a service account will authenticate as an admin by default for all database queries, but firstly we need to get our serviceAccountCredentials.jsonfor that need to get there: Settings > Project Settings > Service Accounts > Generate New Private Key.
Put that key in some desired location and put that location in the "serviceAccount" path.


That's it, now we are able to read/write to firebase database only for authenticated users & we get rid for  Firebase Permission Denied with Pyrebase library error.
Get Whole Django Project Source Code Here.



No comments:

Powered by Blogger.