taking todomvc example consideration (https://github.com/firebase/angularfire/tree/gh-pages/examples/todomvc), if add authentication app, how handle visibility of user - i.e. if user1 adds todo items, i'd make sure it's visible them , if user2 logs in, doesn't see user1's items. how can achieve this?
on top of - guess second question relevant previous 1 - best way store todos , users , visibility of each todo?
assuming we're talking simple login authentication, user object contain id (with custom login, determine contents). split todos user id, storing them in separate paths.
/todos/user_id/... then in security rules, after login, auth object contains user's id, can secure each path user:
"todos": { "$user_id": { ".read": "auth.id === $user_id", ".write": "auth.id === $user_id", } } keep in mind if going use multiple providers, want split provider, since ids unique given provider.
/todos/provider_id/user_id "todos": { "$provider_id": { "$user_id": { ".read": "auth.id === $user_id && auth.provider === $provider_id", ".write": "auth.id === $user_id && auth.provider === $provider_id", } } } 
Comments
Post a Comment