Almost certainly used method in Firestore security rules

Cloud Firestore security rules introduce a method that you use almost 100% of the time.

isAuthenticate Whether there is authentication of the user

The first one is this

function isAuthenticate() {
  return request.auth != null;
}

This checks if the requesting user is login authenticated.
Please note that anonymous authentication is also included.

isUserAuthenticate Whether the document under User can be updated

The second is this

function isUserAuthenticate(userId) {
  return request.auth.uid == userId;
}

It is often used when Firestore data storage method is like this.

user/{userId}/~~~

In this case, use under the User Collection when you want to allow only when userIdauthentication uidis equal.

First of all, when you write the security rule of Firestore, copy and paste these two

For now, copy and paste these two methods right away.

service cloud.firestore {
  match /databases/{database}/documents {
    function isAuthenticate() {
      return request.auth != null;
    }
    function isUserAuthenticate(userId) {
      return request.auth.uid == userId;
    }
　　 // write rules
    match /{document=**} {
      allow read, write;
    }
  }
}

that’s all.