fix: improve database rules

2019-06-05 15:19:57 -06:00
parent 3b6fa6f3b1
commit a1ab24d3da
1 changed files with 6 additions and 1 deletions
--- a/firestore.rules
+++ b/firestore.rules
@@ -1,7 +1,12 @@
 service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
-      allow read, write: if request.auth != null;
+      allow read: if request.auth != null
+      						&& request.auth.uid == resource.data.userId
+                  && request.auth.token.email_verified;
+      allow write: if request.auth != null
+      						&& request.auth.uid == resource.data.userId
+                  && request.auth.token.email_verified;
    }
  }
 }