In this chapter, we're going to cover the following recipes:
In modern applications, providing a well-built authentication system is a good thing for any application, but securing the actual resources we have means securing who has access to what, or who can see what. This is essential because we really want only the people with a subscription to have access to, for example, the Packtpub library of awesome content. Furthermore, such behavior is now the standard unless your application is a Floppy Bird where it's open to everyone.
Firebase does have, in fact, a powerful authorization system spread with application diverse section, from Storage to Real-time Database. The actual knowledge of how to effectively and successfully handle our authorization system will make our application more secure and give the feel of resilience to its users.
Before starting, it's essential to know how Firebase really performs or applies...
The Firebase team made it clear, we want a more robust system that can be manipulated locally and can be robust enough and more developer friendly, so they created the Bolt language, and according to the Firebase team the language is:
To use it locally, we need to install a NodeJS utility on our development machine, fire up your terminal/cmd, and type the following command:
~> npm install -g firebase-bolt
This command will go and install the Firebase Bolt compiler locally, now go ahead and create a new file and name it whatever you want, but don't forget to give it the .bolt extension.
Now in order to compile this file simply type the following command in your terminal/cmd:
~> firebase-bolt...
Securing our database is a highly essential thing to do while launching or even while testing your application, simply because we don't want any unwanted behavior to come in place or more, we don't want any security breaches to happen. In this recipe, we're going to see how we can properly secure our Firebase database.
Before starting with this recipe, please make sure that your system is fully configured to support the Bolt language.
To keep things real, let's suppose we're...
Sometimes or often, we save some user-related data, which means data that has a relationship with a particular user, and in this recipe, we're going to see how we implement just that!
Before starting with this recipe, please make sure that your system is fully configured to support the Bolt language.
Now, let's see how we can secure the set of articles that belong to a specific user:
path /articles/{uid}/drafts {
/create {
create() { isCreator(uid) }
}
...File upload service or Firebase Storage service security is highly essential, which means that we don't want any security breaches that can simply delete our file storage or jeopardize the good presence of our files. In this recipe, we're going to see how we can implement/configure our storage security.
In order to secure the Firebase Cloud files, we will need to use the Firebase security rules for Cloud Storage, those rules will be declared to maintain who has access to what, also those rules will define how data is structured and how metadata is saved.
This means that we're going to use a different language then the Bolt one. Also, for these rules to work...
Many times, our users will have their own files within our system, so securing the data integrity/presence is highly essential. In this recipe, we'll see how we can configure our user-based file storage system.
In order to be ready, you will need to the follow the given steps :
© 2017 Packt Publishing Limited All Rights Reserved
