Hey @William_Glass … I knew that this question was coming and I’ve been working on a response. Here goes …
Step 1) Confirm Firebase database type
Everything we’ve done to this point is setting up the authority (login, refresh token, etc). Now we need to set up the database.
The first thing you need to check is that you are using the correct database type in Firebase.
There are two database types in Firebase … Could Firestore and Realtime Database.
What we’ve set up ONLY works with the Firebase Realtime Database.
There’s a great tutorial that was released using Cloud Firestore. Unfortunately, I haven’t found a way to secure the data using the Cloud Firestore via the AppGyver REST API. (If anyone finds a solution to this … please let me know).
Once you’ve confirmed that you’re using the Firebase Realtime Database, you can move to step 2.
Step 2) Setup the Firebase Realtime Database
In this example, I’m storing settings for a specific user.
Whenever possible, try to store your data this way.
We are using an exposed API and if anyone hacks your app, only that specific user’s data would be compromised.
Here’s the Firebase Realtime Database screenshot of the data setup …
Step 3) Setup AppGyver REST API
Here’s what the setup looks like in AppGyver
Get Record …
Get Record Schema …
Update Record …
Step 4) Secure your data
When testing your connection, change your database rules to this …
// WARNING: Your database is wide open with these rules. Anyone can read, write, delete your data.
Once you’ve confirmed that you have a connection. Test that you have a valid auth …
// BETTER: Only logged in users have access (can read, write, delete) to this data
// This will only allow users with a valid id token to access the data.
".read": "auth.uid != null",
".write": "auth.uid != null"
Once you know your Auth Id Token works. Secure your data even further by setting these rules …
// BEST: Only the specific logged in user can read and write their own data.
// Notice that I've now specified the table within the database. So you need an entry each table.
".read": "$user_id === auth.uid",
".write": "$user_id === auth.uid"
Hope this helps