I’m creating using firebase database which requires read and write without any user authentication. The database contain critical information, modification,accessablity can lead to unfair advantage/cheating by user. In such situation how do i secure it, letting access only through app restricting any external access. I read few threads but couldn’t get any satisfactory result. I thing anonymouse sign in might be helpful but don’t know how to impliement. please let me know how to fix it.
Create an app user and autologin from the app, set security rules.
- Firebase credentials shouldn’t be public, so how can anyone get the URL?
While using firebase Authentication component, google-service.json file contains information like database url, api key etc. Placing firebase database url or API key in designer block can also be easily accessible through apk decompilers. If the rules are read/write set to true, can be modified.
try-