From a1ab24d3dabc1eeb0550c92ae503b468a7ae3c87 Mon Sep 17 00:00:00 2001
From: Kyle Gill <kylerobertgill@gmail.com>
Date: Wed, 5 Jun 2019 15:19:57 -0600
Subject: [PATCH] fix: improve database rules

---
 firestore.rules | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/firestore.rules b/firestore.rules
index e8f8d79..6c56267 100644
--- a/firestore.rules
+++ b/firestore.rules
@@ -1,7 +1,12 @@
 service cloud.firestore {
   match /databases/{database}/documents {
     match /{document=**} {
-      allow read, write: if request.auth != null;
+      allow read: if request.auth != null
+      						&& request.auth.uid == resource.data.userId
+                  && request.auth.token.email_verified;
+      allow write: if request.auth != null
+      						&& request.auth.uid == resource.data.userId
+                  && request.auth.token.email_verified;
     }
   }
 }