Firestore security rules email_verified not working

末鹿安然 submitted on 2019-12-24 18:52:36

Question


If I create a new user with createUserWithEmailAndPassword, even though I didn't verify the mail yet, that user is already logged in, and his .emailVerified === false. Up to here, all good.

Now, I go to the mail, verify it using the link, and go back to the web app. It is still .emailVerified === false, so I refresh the page, and now .emailVerified === true.
So I try to reach this doc:

  public async getPublicUserDetails() {

    const currentUserId = this._angularFireAuth.auth.currentUser.uid;

    try {

      const docRef = this._angularFirestore.collection("users").doc(currentUserId).ref;
      const doc = await docRef.get();

      if (!doc.exists) {
        return null;
      }

      return doc.data() as IPublicUserDetailsDto;
    }
    catch (error) {

      console.error("User " + currentUserId + " details get failed! " + JSON.stringify(error));
      throw error;
    }
  }

It catches an exception, saying I don't have the required permissions to access the doc.

The Firestore rules I'm using are:

rules_version = '2';
service cloud.firestore {

    function dbDocs() { return /databases/$(database)/documents; }
    function isSignedIn() { return request.auth != null && request.auth.uid != null; }
    function isEmailVerified() { return isSignedIn() && request.auth.token.email_verified; }
    function isCurrUser(uid) { return isSignedIn() && request.auth.uid == uid; }
    function userExists(uid) { return exists(/databases/$(database)/documents/users/$(uid)); }

    match /databases/{database}/documents {

        match /users {    

            match /{userId} {
                allow read: if isEmailVerified();
                allow write: if isEmailVerified() && isCurrUser(userId);
            } 
        }
    }
}

I can refresh the page an infinite number of times, but it will work only if I signOut & signIn again OR if I replace the allow read line with:

match /{userId} {
    allow read: if isSignedIn(); // replace this
    allow write: if isEmailVerified() && isCurrUser(userId);
}

Conclusion: it seems like the request.auth.token.email_verified does not reflect the value provided inside the FirebaseAuth service, as it seems to get refreshed only if I log out and back in.

Can someone help me, please? Thank you all in advance!

Source: https://stackoverflow.com/questions/57463508/firestore-security-rules-email-verified-not-working
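
Added example, not part of the original post: `request.auth.token` in the rules is filled from the ID token the client sends, and a cached ID token keeps the `email_verified` value it was minted with, so refreshing the profile alone does not change what the rules see. The sketch below reloads the profile and forces a token refresh only when the cached claim is stale; `ensureVerifiedToken`, `decodeClaims` and the constructed `makeFakeUser` are hypothetical names, while `reload()`, `getIdToken(forceRefresh)` and `emailVerified` are Firebase Auth User members.

```javascript
// Added example. ensureVerifiedToken, decodeClaims and makeFakeUser are
// hypothetical names; reload(), getIdToken(forceRefresh) and emailVerified
// are members of the Firebase Auth User object.

// Read the claims of an ID token (JWT payload, base64url). Inspection only:
// the signature is not checked here, Firebase verifies it server-side.
function decodeClaims(idToken) {
  const b64 = idToken.split(".")[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(atob(b64));
}

// Returns true once the token the client will send carries email_verified.
async function ensureVerifiedToken(user) {
  await user.reload();                    // refresh the profile (.emailVerified)
  if (!user.emailVerified) return false;  // link not clicked yet
  let claims = decodeClaims(await user.getIdToken());
  if (claims.email_verified !== true) {
    // Cached token was minted before verification: force a new one.
    claims = decodeClaims(await user.getIdToken(true));
  }
  return claims.email_verified === true;
}

// Constructed stand-in for a signed-in user so the flow runs offline.
function makeFakeUser() {
  const backend = { verified: false };
  const mint = () => "e30." + btoa(JSON.stringify({ email_verified: backend.verified }))
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "") + ".sig";
  return {
    emailVerified: false,
    forced: 0,
    cached: mint(),                       // minted at sign-up: claim is false
    clickVerificationLink() { backend.verified = true; },
    async reload() { this.emailVerified = backend.verified; },
    async getIdToken(force) {
      if (force) { this.forced++; this.cached = mint(); }
      return this.cached;
    },
  };
}
```

In the code from the question, the user object passed in would be `this._angularFireAuth.auth.currentUser`, called before `getPublicUserDetails()`.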
