hello james, bretty cool video😊 Maybe it would be also nice to do a "google cloud functions vs supabase edge functions" video. thank you a lot for your education and great videos.
This is awesome! Thank you for posting your videos! Question: How do you design these Cloud Functions to be secure? In other words, I want to make sure that each of my user's data and interactions in the App are kept secure and confidential? IS there a way to authenticate the user with the Cloud Function? (Apologies if this is obvious. I'm a Noob.)
The core purpose of Cloud Functions is to abstract away not only the heavy lifting of processing large data sets, but also to remove the need for or ability of individual clients to be writing to your database/s. This makes your app more performant and more secure, particularly web apps where the user can easily lift the hood to see and change what’s happening inside. Whilst I’m more familiar with Lamba Functions (AWS) my understanding is that if you are using Firebase Authentication, all requests sent from your app clients (web/mobile) to Firestore will be authenticated and will only allow users to do what you have allowed them via that framework. When it comes to Google Cloud Functions however, the function requires its own identity to be created via the Google IAM (Identity & Access Management) service, and it uses this to access your Firestore database and other cloud resources. This is not subject to the Firebase Auth rules, so you will need to write your functions in such a manner that they check the “Context” of that user before your function hits the database. I believe this Context is typically passed as a property within the cloud function request itself, but I haven’t read the FF docos on this just yet. I hope this helps and doesn’t create more confusion.
hello you are the one whose videos are perfectly designed for beginers as well as pro ..... i want to join your patreon community very much but 5$ is very big amount for me because in my country 5$ = 60$ in your country... please give me a discount to join with amazing teacher like you... it will really helpful to me and it will creat an huge imact to us. thankyou
does anybody always get deployment error?, no matter how simple the cloud function is, even a return 'hello world'; will fail, I noticed it only happens after several deployments
Hi I am a regular learner from your videos. This video is also very helpful can you please add trigger cloud function on particular date & time. Like birthday push notification /sms.
Esto es genial!!! Una consulta! Se pueden usar las cloud función para activar una acción en segundo plano. Por ejemplo solicitar ubicación de un dispositivo mientras la app está en segundo plano!? Gracias por el video
There's the option to create a cloud functions onWrite your would have to declare that in the body of the function. see here an example: exports.useTest = functions.firestore .document("users/{userId}") .onWrite(async (handle, context) => { console.log("before", handle.before.data()); console.log("after", handle.after.data()); console.log("eventType", context.eventType); }); but chat gpt is normally really good to help if you ask it :)
Okay thats great to know WHAT or HOW, but what about WHY? Okay, i Get that it can do functions and database on a foreign computer, but you missed WHY that its better outsourcing it somewhere else Versus Locally... Wouldnt it be faster, and provide more indpendence and better reliability without having to rely or be at the mercy of Google's cloud? Like what if there was some kind of error or mishap at a 3rd party Cloud services like google, or if there were like a Power outtage at their facility, or something. I would imagine being able to run things independently would for the Most part be ideal, no?
Hey there :) I wanted to add my 2 cents here. It is recommended to use cloud functions in the following occasions: 1. you have data that changes for multiple people that you want to act upon. So let's say you have a tinder clone app, when someone matches with you, you want to make sure that all data is created accordingly for both users. (a message thread, trigger a push notification etc.) When you would run all of those things on the client/user device there is an option of some things not being created due to network issues etc. as your device is the one performing all of those actions subsequently and also is less powerful as a server hosted by google for example. 2. when you want to secure logic, beware everything that you write as code or in the action builder in your app, could be tampered with by someone with knowledge. So they could easily misuse your services and "cheat" in ways that you don't want them to. Good example for this would be how you perform api calls to open AI or a game where you get a gift when you reach a level. You could fairly easily modify code in the app to get the gift without having the level or just use your api credentials that you pay for, for their own use (open ai). 3. Sensitive data When your device would do all the computing, you could easily see data from users that you shouldn't see, even if it isn't displayed in the UI (code and data is still viewable when you debug it on your computer). For example, to bring back the tinder example, when you would do all the computing when you match with someone on your clients devices, information like email, birthday or even more sensitive stuff would be sent to a device that you don't trust. E.g. You match with someone else, the user data of the person you matched with get's sent to your device (birthday, email, phone number, count of matches, people they matched with), even if you don't display that, you would still need to update some and therefore you could read it if you know how to debug. Of course there's many more scenarios where it makes sense to run code code on cloud, but this should help already.
@@JosefHamstr Ooo i see... thanks for Clarifying that my friend. I never looked it at that way and did not know that a user can retrieve those type of sensitive info that easily,( even if the data wasnt displayed)... I suppose the only thing to worry about is whether the user trusts the Cloud like google or whoever to secure your data without selling it or handing it off to another entity.
👍VIEW/CLONE ALL MY NOCODE APPS + support my work: www.patreon.com/jamesnocode
👍GET MY NEW TRAINING - MASTERING FLUTTERFLOW: masteringflutterflow.com
We need more advance tutorials in Flutterflow mastery course related to cloud functions
hello james, bretty cool video😊 Maybe it would be also nice to do a "google cloud functions vs supabase edge functions" video. thank you a lot for your education and great videos.
Cloud functions in Flutterflow must also include the triggers based on time, now that is going to be game changer!
can u plz give some idea about it>? I am looking for the same
you explain things so so well!! amazing video
This is awesome! Thank you for posting your videos!
Question: How do you design these Cloud Functions to be secure? In other words, I want to make sure that each of my user's data and interactions in the App are kept secure and confidential? IS there a way to authenticate the user with the Cloud Function? (Apologies if this is obvious. I'm a Noob.)
The core purpose of Cloud Functions is to abstract away not only the heavy lifting of processing large data sets, but also to remove the need for or ability of individual clients to be writing to your database/s. This makes your app more performant and more secure, particularly web apps where the user can easily lift the hood to see and change what’s happening inside.
Whilst I’m more familiar with Lamba Functions (AWS) my understanding is that if you are using Firebase Authentication, all requests sent from your app clients (web/mobile) to Firestore will be authenticated and will only allow users to do what you have allowed them via that framework. When it comes to Google Cloud Functions however, the function requires its own identity to be created via the Google IAM (Identity & Access Management) service, and it uses this to access your Firestore database and other cloud resources. This is not subject to the Firebase Auth rules, so you will need to write your functions in such a manner that they check the “Context” of that user before your function hits the database. I believe this Context is typically passed as a property within the cloud function request itself, but I haven’t read the FF docos on this just yet. I hope this helps and doesn’t create more confusion.
Great tutorial. I needed understanding on this and James has once again made it simple to understand fr! Thanks man!
Why not used supabase?
thank you!
hello you are the one whose videos are perfectly designed for beginers as well as pro .....
i want to join your patreon community very much but 5$ is very big amount for me because in my country 5$ = 60$ in your country... please give me a discount to join with amazing teacher like you...
it will really helpful to me and it will creat an huge imact to us.
thankyou
Hi james, WE Can use cloud function even if WE don't use Firestore? as backend, i use supabase, edge function don't match my need
does anybody always get deployment error?, no matter how simple the cloud function is, even a return 'hello world'; will fail, I noticed it only happens after several deployments
Hi I am a regular learner from your videos. This video is also very helpful can you please add trigger cloud function on particular date & time. Like birthday push notification /sms.
Thanks for the helpful content. So now that this is available, are you continuing to use supabase or you will return to firebase ?
Great. Tanks for this wonderfull tutorial.
how to integrate cloud function with BARD AI?
are you going to update your course with more advance examples?
Can you do a tutorial implement openai api with cloud functions please?
how to integrate with sqlserver which is our legacy system?
function6 how to integrate with API to generate a PDF?
Esto es genial!!! Una consulta! Se pueden usar las cloud función para activar una acción en segundo plano. Por ejemplo solicitar ubicación de un dispositivo mientras la app está en segundo plano!? Gracias por el video
Need Learn how create a headless CMS frontend systems
Nice video
Will soon be patreon member
Can i build a Readwise with no code?
Great content as always. Thank u 🎉
How can we trigger a cloud function on a Firestore change? I can only see how to manually trigger them with an action.
There's the option to create a cloud functions onWrite your would have to declare that in the body of the function.
see here an example:
exports.useTest = functions.firestore
.document("users/{userId}")
.onWrite(async (handle, context) => {
console.log("before", handle.before.data());
console.log("after", handle.after.data());
console.log("eventType", context.eventType);
});
but chat gpt is normally really good to help if you ask it :)
Okay thats great to know WHAT or HOW, but what about WHY? Okay, i Get that it can do functions and database on a foreign computer, but you missed WHY that its better outsourcing it somewhere else Versus Locally... Wouldnt it be faster, and provide more indpendence and better reliability without having to rely or be at the mercy of Google's cloud? Like what if there was some kind of error or mishap at a 3rd party Cloud services like google, or if there were like a Power outtage at their facility, or something. I would imagine being able to run things independently would for the Most part be ideal, no?
Hey there :) I wanted to add my 2 cents here. It is recommended to use cloud functions in the following occasions:
1. you have data that changes for multiple people that you want to act upon. So let's say you have a tinder clone app, when someone matches with you, you want to make sure that all data is created accordingly for both users. (a message thread, trigger a push notification etc.) When you would run all of those things on the client/user device there is an option of some things not being created due to network issues etc. as your device is the one performing all of those actions subsequently and also is less powerful as a server hosted by google for example.
2. when you want to secure logic, beware everything that you write as code or in the action builder in your app, could be tampered with by someone with knowledge. So they could easily misuse your services and "cheat" in ways that you don't want them to. Good example for this would be how you perform api calls to open AI or a game where you get a gift when you reach a level. You could fairly easily modify code in the app to get the gift without having the level or just use your api credentials that you pay for, for their own use (open ai).
3. Sensitive data
When your device would do all the computing, you could easily see data from users that you shouldn't see, even if it isn't displayed in the UI (code and data is still viewable when you debug it on your computer). For example, to bring back the tinder example, when you would do all the computing when you match with someone on your clients devices, information like email, birthday or even more sensitive stuff would be sent to a device that you don't trust. E.g. You match with someone else, the user data of the person you matched with get's sent to your device (birthday, email, phone number, count of matches, people they matched with), even if you don't display that, you would still need to update some and therefore you could read it if you know how to debug.
Of course there's many more scenarios where it makes sense to run code code on cloud, but this should help already.
@@JosefHamstr Ooo i see... thanks for Clarifying that my friend. I never looked it at that way and did not know that a user can retrieve those type of sensitive info that easily,( even if the data wasnt displayed)... I suppose the only thing to worry about is whether the user trusts the Cloud like google or whoever to secure your data without selling it or handing it off to another entity.