Lesson 13

Configuring for Production

Making sure the app works in a production environment

PRO

Lesson Outline

Updating Security Rules

At the moment, our Firestore security rules define the admin user as [email protected] (well, mine do - hopefully yours use your own email address) That's not going to work so well for our actual client. If they attempt to authenticate with their own Google account, they aren't going to be able to access anything. We will need to update this to use the clients email address.


Project management

Make sure to create an issue and task branch for this work, e.g:

chore: update security rules with clients email address


Update firestore.rules to use the clients email address (assuming that you aren't actually delivering this app to someone else, you might test this by using a different email address that you own)

rules_version = '2';
service cloud.firestore {

  match /databases/{database}/documents {

    match /{document=**} {
      allow read, write: if isAdmin();
    }
  }

  function isAdmin(){
  	return request.auth != null && request.auth.token.email == '[email protected]' && request.auth.token.email_verified;
  }
}

Now let's run our Firestore security rules tests to see if this breaks anything:

npm run test:rules

and indeed it does break things:

PRO

Thanks for checking out the preview of this lesson!

The full version of this lesson is only available to pro members. If you would like full access to this module and all of the other pro modules on Elite Ionic you can become a pro member (or log in if you are already a member).