I need some help with securing my database.
My database looks like this (i'm using phone numbers instead of uid):
As you can see under the Users node there are the phone numbers of the authenticated users. My goal is to secure the database so the Users would be able to read and write their own data.
I've tried this code to give access to each user to read and write his own data:
{
"rules": {
"Users":{
"$user":{
".read": "auth.token.phone_number===$user",
".write": "auth.token.phone_number===$user"
}
}
}
}
But whenever I try this on the rules playground or on my app I get simulated read denied:
Can you guys help me resolve it?
