Firebasecloud~30 mins

Rule syntax and structure in Firebase - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Firebase Rule Syntax and Structure

📖 Scenario: You are setting up security rules for a Firebase Realtime Database to control access to user data in a simple app.

🎯 Goal: Build a basic Firebase Realtime Database security rule that allows read and write access only to authenticated users under their own user ID.

📋 What You'll Learn

Create a rules dictionary with a rules key

Add a users node under rules to represent user data

Set read and write permissions to allow only authenticated users to access their own data using auth.uid

Use the correct Firebase rule syntax for matching user IDs

💡 Why This Matters

🌍 Real World

Firebase security rules protect user data in mobile and web apps by controlling who can read or write data.

💼 Career

Understanding Firebase rules is essential for developers working with Firebase backend services to ensure app security and data privacy.

Progress0 / 4 steps

Create the base rules structure

Create a variable called rules that is a dictionary with a key rules set to an empty dictionary {}.

Firebase

# Your code here

Need a hint?

Start by creating a dictionary named rules with a key rules set to an empty dictionary.

Add the users node under rules

Add a key users inside rules["rules"] and set it to an empty dictionary {}.

Firebase

rules = {
    "rules": {
        # Add users node here
    }
}

Need a hint?

Inside the rules dictionary, add a users key with an empty dictionary as its value.

Add a wildcard to match user IDs

Inside rules["rules"]["users"], add a wildcard key "$user_id" set to an empty dictionary {}.

Firebase

rules = {
    "rules": {
        "users": {
            # Add $user_id wildcard here
        }
    }
}

Need a hint?

Use a wildcard "$user_id" inside users to represent any user ID.

Set read and write rules for authenticated users

Inside rules["rules"]["users"]["$user_id"], add ".read" and ".write" keys. Set both to the condition "auth != null && auth.uid == $user_id".

Firebase

rules = {
    "rules": {
        "users": {
            "$user_id": {
                # Add .read and .write rules here
            }
        }
    }
}

Need a hint?

Set both .read and .write to allow only authenticated users matching the user ID.