Home > Software design >  Allow Node.js app to bypass Google Firestore Authentication Rules
Allow Node.js app to bypass Google Firestore Authentication Rules

Time:07-20

I just set the rules of my Firestore project to only allow authenticated users to read/write to my database for added security. However, I also have an exterior Node.js webscraping script that runs in the background and needs to read/write to my Firestore database. There is no authentication involved, meaning it no longer has access to my database. Is there a way to allow the Node.js script to bypass the Firestore rules?

My rules:

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth != null;
    }
  }
}

CodePudding user response:

You can use the Firestore Admin SDK for Node.js to do your reads and writes. Security rules do not affect calls made by the Admin SDK's.

It is important that this webscraping script is not user-controllable. Make sure to deploy it in an environment where only you, and not your app's users, have access.

Page link:https//www.codepudding.com/Softwaredesign/481735.html

Prev:Firestore europe-west2 outage
Next:Visual Studio Microsoft Identity Platform Configuration Stuck Loading
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding