Node.js NodeJS Firestore身份验证-权限被拒绝
我正在尝试创建一个客户端脚本,允许某人登录到他们的Google帐户,然后在验证后访问Firestore数据库。除了在使用firebase.auth登录后出于某种原因之外,一切正常。它不会将此数据传递给firebase.firestore以表示它们已通过身份验证 这是我正在使用的脚本,唯一失败的部分是当我尝试添加到Firestore集合时Node.js NodeJS Firestore身份验证-权限被拒绝,node.js,firebase,firebase-authentication,google-cloud-firestore,Node.js,Firebase,Firebase Authentication,Google Cloud Firestore,我正在尝试创建一个客户端脚本,允许某人登录到他们的Google帐户,然后在验证后访问Firestore数据库。除了在使用firebase.auth登录后出于某种原因之外,一切正常。它不会将此数据传递给firebase.firestore以表示它们已通过身份验证 这是我正在使用的脚本,唯一失败的部分是当我尝试添加到Firestore集合时 const firebase = require ("firebase/app"); require("firebase/auth"); require("fi
const firebase = require ("firebase/app");
require("firebase/auth");
require("firebase/firestore");
const fs = require('fs');
const readline = require('readline');
const {google} = require('googleapis');
const util = require('util')
var config = {
**HIDDEN**
};
firebase.initializeApp(config);
const SCOPES = ['email','profile'];
const TOKEN_PATH = 'token.json';
fs.readFile('credentials.json', (err, content) => {
if (err) return console.log('Error loading client secret file:', err);
// Authorize a client with credentials, then call the Gmail API.
authorize(JSON.parse(content), listLabels);
});
function authorize(credentials, callback) {
const {client_secret, client_id, redirect_uris} = credentials.installed;
const oAuth2Client = new google.auth.OAuth2(
client_id, client_secret, redirect_uris[0]);
// Check if we have previously stored a token.
fs.readFile(TOKEN_PATH, (err, token) => {
if (err) return getNewToken(oAuth2Client, callback);
oAuth2Client.setCredentials(JSON.parse(token));
callback(oAuth2Client);
});
}
function getNewToken(oAuth2Client, callback) {
const authUrl = oAuth2Client.generateAuthUrl({
access_type: 'offline',
scope: SCOPES,
});
console.log('Authorize this app by visiting this url:', authUrl);
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout,
});
rl.question('Enter the code from that page here: ', (code) => {
rl.close();
oAuth2Client.getToken(code, (err, token) => {
if (err) return console.error('Error retrieving access token', err);
oAuth2Client.setCredentials(token);
// Store the token to disk for later program executions
fs.writeFile(TOKEN_PATH, JSON.stringify(token), (err) => {
if (err) return console.error(err);
console.log('Token stored to', TOKEN_PATH);
});
callback(oAuth2Client);
});
});
}
function listLabels(auth) {
var credential = firebase.auth.GoogleAuthProvider.credential(auth.credentials.id_token);
firebase.auth().signInAndRetrieveDataWithCredential(credential).catch(function(error) {
var errorCode = error.code;
var errorMessage = error.message;
var email = error.email;
var credential = error.credential;
console.log(errorCode);
console.log(errorMessage);
});
var firestore = firebase.firestore();
firestore.settings({
timestampsInSnapshots: true
});
firestore.collection("users").add({
test: "Hello"
});
firebase.auth().signOut();
}
if true它工作得非常好。但我想确保只有经过身份验证的用户才能访问该数据库
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
SignandRetrieveDataWithCredential方法返回一个承诺,您不会等到它完成后再访问Firestore上的数据,因此这可能是导致问题的原因。我相信这可能会奏效:
function listLabels(auth) {
var credential = firebase.auth.GoogleAuthProvider.credential(auth.credentials.id_token);
firebase.auth().signInAndRetrieveDataWithCredential(credential)
.then(user => {
var firestore = firebase.firestore();
firestore.settings({
timestampsInSnapshots: true
});
firestore.collection("users").add({
test: "Hello"
});
firebase.auth().signOut();
})
.catch(function (error) {
var errorCode = error.code;
var errorMessage = error.message;
var email = error.email;
var credential = error.credential;
console.log(errorCode);
console.log(errorMessage);
});
}
啊,我真是个白痴。我能找到的所有示例都只有身份验证部分和如何登录,没有一个包括firestore方面。这起作用了。