Is Cloud Firestore a good selection for a bank account? Can it be safe and reliable to save people's money which is a number to the Cloud Firestore? My concern is reliability and security. Any suggestions?
Good stuff. Real gem there in tip #8 about using cloud functions for security and to transform "simple" client documents that describe a desired action
Great presentation , covers a lot in 25 minutes. BTW: Code at 12:02 may let through the case when user updates status but also would then allow updates to other properties on the document (That we probably don't want to happen) ? I think it should also be checking other properties of the document are not being changed?
You're right, it's just simplified not to confuse with loads of information on screen. In real life scenario you would compare incoming data via request.resource.data with one existing in firestore using resource.data and reject any unwanted modification attempt.
Is it safe to assume that my client code is safe if authentication is required to access Firebase Database? If a user makes changes to my app the signature will also change and this will make it impossible for the user to log-in into my app using firebase am i right?
Listened to it at 2x speed. Was amazing.
Is Cloud Firestore a good selection for a bank account? Can it be safe and reliable to save people's money which is a number to the Cloud Firestore? My concern is reliability and security. Any suggestions?
Really love Todd's energy and never get bored even when I don't understand things from him.
You were here first. You deserve a like.
Good stuff. Real gem there in tip #8 about using cloud functions for security and to transform "simple" client documents that describe a desired action
Great presentation , covers a lot in 25 minutes. BTW: Code at 12:02 may let through the case when user updates status but also would then allow updates to other properties on the document (That we probably don't want to happen) ? I think it should also be checking other properties of the document are not being changed?
You're right, it's just simplified not to confuse with loads of information on screen. In real life scenario you would compare incoming data via request.resource.data with one existing in firestore using resource.data and reject any unwanted modification attempt.
"Five" rules ^_^.
Great stuff, thou.
Awesome, guys! Yes, Todd is cool and I like Mike too.
You should've said from the start to see the video on 0.75 speed
xD
Is it safe to assume that my client code is safe if authentication is required to access Firebase Database?
If a user makes changes to my app the signature will also change and this will make it impossible for the user to log-in into my app using firebase am i right?
Can't hide the config on client side, it's client side, anybody can have that
Rules have become complicated than the actual app 😂
Good👍
Amazing
Cool
Nice
Good Tips , Thanks
hello but i will make app in maerkoid
But you don't say, how to secure decompiling app and hack my base( #0)