英文:
How to fix FirebaseError: Missing or insufficient permissions in React Hook?
问题
你正在使用React Hook、Next.js和Firebase Auth来在Firestore中创建用户的coin记录。这意味着一旦新用户注册,就应该自动在Firestore中为他们创建一个带有uid、coins和createdAt字段的新文档。
但是,当我第一次登录时,遇到了一个错误消息,说:
hydration-error-info.js:27 Error in createUserCoinRecord: FirebaseError: Missing or insufficient permissions.
然而,如果我注销然后再登录,就不再出现这个错误了。
在检查Firebase数据库时,我注意到用户的uid在第一次登录后没有被创建,只有在第二次登录后才被创建。
以下是你提供的React Hook的代码:
export function useCoinRecord() {
// ...
return { created };
}
这是你的Firestore规则:
rules_version = '2';
service cloud.firestore {
// ...
}
登录按钮:
import { signIn } from "next-auth/react";
//...
<button onClick={() => signIn("google")}>
Sign In
</button>
使用Next Auth登录:
import NextAuth from "next-auth";
import GoogleProvider from "next-auth/providers/google";
export const authOptions = {
providers: [
GoogleProvider({
clientId: process.env.GOOGLE_ID,
clientSecret: process.env.GOOGLE_SECRET,
}),
],
};
export default NextAuth(authOptions);
然后使用useEffect来与Firebase登录:
import { useSession } from "next-auth/react";
import { auth, db } from "../firebase/firebase";
//...
const { created } = useCoinRecord();
//...
/api/firebase/create-custom-token:
import { adminAuth } from "@/firebase/firebaseAdmin";
//...
firebase.js:
import { getApp, getApps, initializeApp } from "firebase/app";
import { getAuth } from "firebase/auth";
import { getFirestore } from "firebase/firestore";
//...
export { db, auth };
firebaseAdmin.js:
import admin from "firebase-admin";
//...
export { adminDb, adminAuth };
你的数据库结构如下:
/users/email@example.com/coins
其中email@example.com是uid。
造成FirebaseError的原因可能是Firestore规则不允许第一次登录时写入用户的uid,但在第二次登录后允许。你可以尝试在规则中添加一些日志来调试此问题,以查看请求的详细信息。另外,确保你的Firebase用户在第一次登录时正确地分配了uid。根据你的代码,uid似乎是从用户的电子邮件地址中派生的,这可能会导致问题。你可以在登录时确保分配一个唯一的uid。
如果问题仍然存在,请提供有关Firebase规则、用户身份验证设置和数据库结构的更多详细信息,以便我能够提供更具体的帮助。
英文:
I am using a combination of React Hook, Next.js, and Firebase Auth to create a user coin record in Firestore. This means that as soon as a new user signs up, a new document with a uid should be automatically created for them in Firestore, along with the coins and createdAt fields.
However, when I sign in for the first time, I encounter an error message that says:
> hydration-error-info.js:27 Error in createUserCoinRecord: FirebaseError: Missing or insufficient permissions."
However, if I log out and sign in again, the error does not occur anymore.
Upon checking the Firebase database, I noticed that the uid for the user is not created after the first sign-in but is only created after the second sign-in.
Here's the code for the React Hook:
export function useCoinRecord() {
const { data: session } = useSession();
const userEmailRef = useRef(null);
const [created, setCreated] = useState(false);
async function createUserCoinRecord(uid) {
await setDoc(doc(db, "users", uid), {
coins: 100000,
createdAt: serverTimestamp(),
});
}
useEffect(() => {
async function createCoinRecordIfNeeded() {
if (session) {
if (userEmailRef.current !== session.user.email) {
userEmailRef.current = session.user.email;
try {
await createUserCoinRecord(session.user.email);
setCreated(true);
} catch (error) {
console.error("Error in createUserCoinRecord:", error);
}
}
} else {
userEmailRef.current = null;
}
}
createCoinRecordIfNeeded();
}, [session]);
return { created };
}
And these are my Firestore rules:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /users/{uid} {
allow read, write: if request.auth != null && request.auth.uid == uid;
}
match /users/{uid}/{document=**} {
allow read, write: if request.auth != null && request.auth.uid == uid;
}
}
}
The Sign in button:
import { signIn } from "next-auth/react";
//...
<button onClick={() => signIn("google")}>
Sign In
</button>
Sign in with Next Auth:
import NextAuth from "next-auth";
import GoogleProvider from "next-auth/providers/google";
export const authOptions = {
providers: [
GoogleProvider({
clientId: process.env.GOOGLE_ID,
clientSecret: process.env.GOOGLE_SECRET,
}),
],
};
export default NextAuth(authOptions);
Then use useEffect to sign in with Firebase:
import { useSession } from "next-auth/react";
import { auth, db } from "../firebase/firebase";
//...
const { data: session } = useSession();
const { coinBalance, setCoinBalance } = useCoinBalanceContext();
const [readyToFetchBalance, setReadyToFetchBalance] = useState(false);
useEffect(() => {
if (session) {
signInWithFirebase(session).then((uid) => {
if (uid) {
setReadyToFetchBalance(true);
}
});
}
}, [session]);
const signInWithFirebase = async (session) => {
const response = await fetch("/api/firebase/create-custom-token", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({ user: session.user }),
});
const customToken = await response.json();
return signInWithCustomToken(auth, customToken.token)
.then((userCredential) => {
return userCredential.user.uid;
})
.catch((error) => {
console.error("Firebase sign-in error:", error);
});
};
const { created } = useCoinRecord();
useEffect(() => {
if (readyToFetchBalance && created && session?.user?.email) {
(async () => {
const balance = await getCoinBalance(session.user.email);
balance && setCoinBalance(balance);
})();
}
}, [session, readyToFetchBalance, created]);
/api/firebase/create-custom-token
import { adminAuth } from "@/firebase/firebaseAdmin";
export default async function handler(req, res) {
if (req.method !== "POST") {
res.status(405).json({ message: "Method not allowed" });
return;
}
const { user } = req.body;
const uid = user.email;
try {
const customToken = await adminAuth.createCustomToken(uid);
res.status(200).json({ token: customToken });
} catch (error) {
console.error("Error creating custom token:", error);
res.status(500).json({ message: "Error creating custom token" });
}
}
firebase.js
import { getApp, getApps, initializeApp } from "firebase/app";
import { getAuth } from "firebase/auth";
import { getFirestore } from "firebase/firestore";
const firebaseConfig = {
apiKey: process.env.FIREBASE_APIKEY,
authDomain: process.env.FIREBASE_AUTHDOMAIN,
databaseURL: process.env.FIREBASE_DATABASEURL,
projectId: process.env.PROJECTID,
storageBucket: process.env.FIREBASE_STORAGEBUCKET,
messagingSenderId: process.env.FIREBASE_MESSAGINGSENDERID,
appId: process.env.FIREBASE_APPID,
measurementId: process.env.FIREBASE_MEASUREMENTID,
};
const app = getApps().length ? getApp() : initializeApp(firebaseConfig);
const db = getFirestore(app);
const auth = getAuth(app);
export { db, auth };
firebaseAdmin.js
import admin from "firebase-admin";
const serviceAccount = JSON.parse(process.env.FIREBASE_SERVICE_ACCOUNT_KEY);
if (!admin.apps.length) {
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
});
}
const adminDb = admin.firestore();
const adminAuth = admin.auth();
export { adminDb, adminAuth };
My database is structured like this:
/users/email@example.com/coins
where email@example.com is the uid.
What could be causing the FirebaseError and how can I fix it please?
答案1
得分: 1
我意识到有两个同时运行的钩子之间存在竞争。
问题在于useCoinRecord()试图在用户进行身份验证之前创建一个新文档。为了解决这个问题,我移除了useCoinRecord()并修改了useEffect()钩子,以包括在设置ReadyToFetchBalance标志为true之前创建用户币记录所需的逻辑。
更新后的代码如下:
useEffect(() => {
if (session) {
signInWithFirebase(session).then(async (uid) => {
if (uid) {
await createUserCoinRecord(uid);
setReadyToFetchBalance(true);
}
});
}
}, [session]);
这应该解决竞争条件问题,并确保文档仅在用户进行身份验证后才创建。
英文:
I realized that there is a race between two hooks that are running at the same time.
The issue is that useCoinRecord() tries to create a new document before the user is authenticated. To fix this, I removed useCoinRecord() and modified the useEffect() hook to include the necessary logic for creating the user coin record before setting the ReadyToFetchBalance flag to true.
The updated code looks like this:
useEffect(() => {
if (session) {
signInWithFirebase(session).then(async (uid) => {
if (uid) {
await createUserCoinRecord(uid);
setReadyToFetchBalance(true);
}
});
}
}, [session]);
This should solve the race condition problem and ensure that the document is only created after the user is authenticated.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论