Created
March 3, 2016 00:05
-
-
Save katowulf/fc1ef0fa31871a0aad2d to your computer and use it in GitHub Desktop.
Search for users by email address in Firebase, without exposing everyone's email address to the world in a bulk-readable format.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "rules": { | |
| "users": { | |
| "$user_id": { | |
| // email address is required | |
| ".validate": "newData.hasChildren(['email'])", | |
| } | |
| }, | |
| "emails_to_users": { | |
| // I can't list or search the emails_to_users/ path | |
| "$email_escaped": { | |
| // I can check any email address I already know to find the user id | |
| ".read": true, | |
| // I can only change my own email entry and it must match my user entry | |
| ".write": "!data.exists() && data.val() === auth.uid && root.child('users/' + data.val() + '/email').val().replace('.', '%2E') === $email_escaped" | |
| } | |
| } | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function uidForEmail(email) { | |
| return new Promise(function(resolve, reject) { | |
| ref.child('emails_to_users/' + escapeEmail(email)).once('value', function(snap) { | |
| resolve(snap.val()); | |
| }, reject); | |
| }); | |
| } | |
| function escapeEmail(email) { | |
| return email.replace('.', '%20'); | |
| } | |
| // try it out! | |
| uidForEmail('[email protected]').then(function(uid) { | |
| console.log('uid for katowulf', uid || '<does not exist>'); | |
| }, console.error); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment