I have a set of Firebase Functions that works as an API for an application.
These Firebase Functions connect to the database with admin privileges as this:
const serviceAccount = require(`./config/xxx-firebase-adminsdk.json`);
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: DATABASE_URL,
});
I was able to create a custom token and I'm receiving/decoding it in the server but I cannot make use of the security rules because the Firebase function is authenticated with admin privileges.
Is there a way of impersonating the credentials or maybe pass a different user when accessing the database?