I have a function where I want to perform some server-side validations, but I"m not sure how to do this? Any suggestions where I should look. THere is nothing in the documentation of how to do it?
我有一个功能,我想执行一些服务器端验证,但我不知道该怎么做?我应该看看的任何建议。文档中没有什么是如何做到的?
3 个解决方案
#1
18
The best way to do this is to create a "pending" node and a "completed" node in Firebase. Every time the client takes an action that requires server validation, have the client add an entry into the pending node. On the server side, you can use the Firebase node.js client (or Java SDK) to listen for changes on the "pending" node, validate the action, and then put it in the "complete" node if the validation succeeds. You'll need to setup your security rules such that only the server code can add items into the "complete" node (for example, by using the secret) - learn more about the Firebase security rules here: https://www.firebase.com/docs/security/security-rules.html
执行此操作的最佳方法是在Firebase中创建“待定”节点和“已完成”节点。每次客户端执行需要服务器验证的操作时,请让客户端在挂起节点中添加一个条目。在服务器端,您可以使用Firebase node.js客户端(或Java SDK)侦听“挂起”节点上的更改,验证操作,然后在验证成功时将其置于“完整”节点中。您需要设置安全规则,以便只有服务器代码才能将项目添加到“完整”节点(例如,使用密码) - 请在此处详细了解Firebase安全规则:https://www.firebase .COM /文档/安全性/安全性rules.html
If your validations are fairly simple to perform, you may be able to do the validation using the security rules themselves - they provide simple string/integer/boolean validation.
如果您的验证执行起来相当简单,您可以使用安全规则本身进行验证 - 它们提供简单的字符串/整数/布尔验证。
#2
5
It's late. However, just for someone passing by. Firebase has introduce Cloud Function a month ago. Try to check the official link out. It allow you to put some logics in server side.
晚了。但是,只为路过的人。 Firebase一个月前推出了Cloud功能。尝试检查官方链接。它允许您在服务器端放置一些逻辑。
https://firebase.google.com/docs/functions/
https://firebase.google.com/docs/functions/
In my understanding instead of thinking about the communication to server as common Request and Response you need to see it as Database trigger event. You can set up the function that will be called when specific action happen.
在我的理解中,您不需要将通信请求和响应视为与服务器的通信,而是将其视为数据库触发事件。您可以设置在特定操作发生时将调用的函数。
#3
2
Pattern 2 in this blog article might help. https://firebase.googleblog.com/2013/03/where-does-firebase-fit-in-your-app.html
本博客文章中的模式2可能有所帮助。 https://firebase.googleblog.com/2013/03/where-does-firebase-fit-in-your-app.html
In this architecture, Firebase sits between the server and clients. Your servers can connect to Firebase and interact with the data just like any other client would. In other words, your server communicates with clients by manipulating data in Firebase. Our Security and Firebase Rules language lets you assign full access to your data to your server. Your server code can then listen for any changes to data made by clients, and respond appropriately.
在此体系结构中,Firebase位于服务器和客户端之间。您的服务器可以连接到Firebase并与其他客户端一样与数据进行交互。换句话说,您的服务器通过操纵Firebase中的数据与客户端进行通信。我们的安全和Firebase规则语言允许您将数据的完全访问权限分配给服务器。然后,您的服务器代码可以侦听客户端对数据所做的任何更改,并进行适当的响应。
#1
18
The best way to do this is to create a "pending" node and a "completed" node in Firebase. Every time the client takes an action that requires server validation, have the client add an entry into the pending node. On the server side, you can use the Firebase node.js client (or Java SDK) to listen for changes on the "pending" node, validate the action, and then put it in the "complete" node if the validation succeeds. You'll need to setup your security rules such that only the server code can add items into the "complete" node (for example, by using the secret) - learn more about the Firebase security rules here: https://www.firebase.com/docs/security/security-rules.html
执行此操作的最佳方法是在Firebase中创建“待定”节点和“已完成”节点。每次客户端执行需要服务器验证的操作时,请让客户端在挂起节点中添加一个条目。在服务器端,您可以使用Firebase node.js客户端(或Java SDK)侦听“挂起”节点上的更改,验证操作,然后在验证成功时将其置于“完整”节点中。您需要设置安全规则,以便只有服务器代码才能将项目添加到“完整”节点(例如,使用密码) - 请在此处详细了解Firebase安全规则:https://www.firebase .COM /文档/安全性/安全性rules.html
If your validations are fairly simple to perform, you may be able to do the validation using the security rules themselves - they provide simple string/integer/boolean validation.
如果您的验证执行起来相当简单,您可以使用安全规则本身进行验证 - 它们提供简单的字符串/整数/布尔验证。
#2
5
It's late. However, just for someone passing by. Firebase has introduce Cloud Function a month ago. Try to check the official link out. It allow you to put some logics in server side.
晚了。但是,只为路过的人。 Firebase一个月前推出了Cloud功能。尝试检查官方链接。它允许您在服务器端放置一些逻辑。
https://firebase.google.com/docs/functions/
https://firebase.google.com/docs/functions/
In my understanding instead of thinking about the communication to server as common Request and Response you need to see it as Database trigger event. You can set up the function that will be called when specific action happen.
在我的理解中,您不需要将通信请求和响应视为与服务器的通信,而是将其视为数据库触发事件。您可以设置在特定操作发生时将调用的函数。
#3
2
Pattern 2 in this blog article might help. https://firebase.googleblog.com/2013/03/where-does-firebase-fit-in-your-app.html
本博客文章中的模式2可能有所帮助。 https://firebase.googleblog.com/2013/03/where-does-firebase-fit-in-your-app.html
In this architecture, Firebase sits between the server and clients. Your servers can connect to Firebase and interact with the data just like any other client would. In other words, your server communicates with clients by manipulating data in Firebase. Our Security and Firebase Rules language lets you assign full access to your data to your server. Your server code can then listen for any changes to data made by clients, and respond appropriately.
在此体系结构中,Firebase位于服务器和客户端之间。您的服务器可以连接到Firebase并与其他客户端一样与数据进行交互。换句话说,您的服务器通过操纵Firebase中的数据与客户端进行通信。我们的安全和Firebase规则语言允许您将数据的完全访问权限分配给服务器。然后,您的服务器代码可以侦听客户端对数据所做的任何更改,并进行适当的响应。