Firebase Security issue in creating user accounts using javascript -
i've been using javascript create users in firebase .this code given in firebase guide
var ref = new firebase("https://<your-firebase-app>.firebaseio.com"); ref.createuser({ email : "bobtony@firebase.com", password : "correcthorsebatterystaple" } this data available browser console , can security threat (any 1 can create account themselves) there security measure can take prevent ?
absolutely,
the way firebase handles security bit different (by own admission). here basic concepts:
authentication
firebase provides tools allowing authentication, these include
- integrations facebook, github, google, , twitter authentication providers
- email & password login, , account management
- single-session anonymous login
- and custom login tokens
authorization
firebase allows specify rules live on firebase servers via account dashboard
data validation
firebase has set of rules in language includes .validate rule. use specify declarative validation rules .read , .write rules
in specific case, write declarative rules limit write access app. this:
{ "rules": { "userslocation": { ".read": true, ".write": false, } } }
Comments
Post a Comment