How to have Secure Rules on Firebase, and allow Auth Users to Read/Write