Linked Questions

Popular Questions

Setting Firebase Database Security Rules For Simple App

Asked by At

I am using Firebase for a very simple purpose-- just to create a real-time button for WordPress that disappears on-click. There are no users/ authentication.

How can I make security rules that prevent someone from tampering with the database, but allow the button to work? The simple way I know how is to set the security write": false, but then the button won't work as the Firebase variables cannot be altered/updated. Documentation seems to be more directed at apps with users, but does seem to mention being able to set limits on read/write/etc for certain paths.

Perhaps I can make it so that only the used Firebase paths/variables used can be updated?

var database = firebase.database();
//firebase queue

//**************
///timer fb
let timestamp;
let now = new Date().getTime();
let endTimeRef = firebase.database().ref("server");
let endTime;
let minutes;
let secondsDisplay;
let distance= endTime-now;
let buttonDisplay=  document.getElementById("queue");
let timerDisplay =  document.getElementById("timer_fb");
let message=        document.getElementById("timer_div");

function displayTimer(){
  
   minutes = Math.floor((distance % (1000 * 60 * 60)) / (1000 * 60));
   secondsDisplay= Math.floor((distance % (1000 * 60)) / 1000);
      
   let s;
   if (minutes >= 1 || secondsDisplay >= 1) {
      if (minutes >= 1 && secondsDisplay >= 10) {
        s = "Time Until Next Person: " + minutes + ":" + secondsDisplay;
      } else if (minutes >= 1) {
        s = "Time Until Next Person: " + minutes + ":0" + secondsDisplay;
      } else {
        s = "Time Until Next Person: " + secondsDisplay + "s";
      }
    } else {
      s = "";
    }
    document.getElementById("timer_fb").innerHTML = s;
  
}

function setTimer() {
    let interval = setInterval(function() {
      
      now = new Date().getTime();
      distance= endTime-now;
      
      //update timer display
      displayTimer();
           
      if (distance <= 0) {  
        buttonDisplay.style.display = "block";
        timer_div.style.display = "block";
        document.getElementById("timer_div").innerHTML = "This session is open!";
        clearInterval(interval);
        timerState.set('off');
        endTimeRef.set(0);
           }
    }, 1000);
  }


//display timer
   

//state machine
let timerState = firebase.database().ref("timerState");

let timer;

timerState.on("value", function(snapshot) {
   
    timer= snapshot.val();
    if(timer == "on"){   
      buttonDisplay.style.display = "none"; 
      message.style.display = "none";
      endTimeRef.once("value", function(snap) {
      let endStamp  = snap.val();
        console.log("stored button snap value check: ", snap.val());
      now = new Date().getTime();  
     endTime= endStamp +100000;
     distance= endTime-now;    
            
     //show display right after button is pressed   
   displayTimer();
   setTimer(); 
    }); 
  }   
});



//********
//*****on click handler
document.getElementById("queue").onclick = function() {
  //hide button 
  buttonDisplay.style.display = "none"; 
  message.style.display = "none";
  
  //set time button comes back
     now = new Date().getTime();
     endTime= now + 100000;
     endTimeRef.set(now);
     
  //firebase state machine
  timerState.set('on');
  //setInterval handler, used for timer/countdown
  //need to wrap interval in function so that it can be reused 
};

Related Questions