This question already has answers here:
Can someone please explain to me why we need Firebase security rules when I can literally write rules in my client code?
(1 answer)
Is it safe to expose Firebase apiKey to the public?
(10 answers)
Closed 14 days ago.
This post was edited and submitted for review 14 days ago.
Quick question: I am creating a blogging site with Firebase and it wants me to set up safe rules everytime. As long as people cannot get info from database, because they cannot call get() and set() functions from debug console, why do i need rules? Can they get my credentials and use it in another app and how can i prevent it with rules? Thanks by now!
My Current Rules:
{
"rules": {
".write": true,
".read": true
}
}
Related
{
"rules": {
".read": "true",
".write": "true",
}
}
Even after updating my rules with this, still I'm receiving warnings that I should update my firebase realtime database and also, I have also received that if I have modified rules in last 24 hours, those changes are not accounted for, what do I do now?
The rules in your question allow anyone in the world to read and write whatever they want in your database. If they know the URL of your database, they can steal and/or wipe all of your data with a single call.
That's what the Firebase email is warning you about. I highly recommend studying it carefully, and then following up with:
the Firebase documentation on its server-side security rules
the Realtime Database specific documentation for the rules, including the video in there
Firebase email saying my realtime database has insecure rules
This question already has answers here:
In iOS, how can I store a secret "key" that will allow me to communicate with my server?
(5 answers)
Closed 4 years ago.
I have an app I am building and inside of it are some strings that are sensative and I would hope no one would ever be able to get to easily by looking for strings in the binary etc.
For example this
let password:String = "SuperSecret123"
What is the proper way to hide this string inside of the project?
In most big companies, the way they handle this is not to keep the secret inside the code. Instead, you'll typically see one of three routes:
Read the secret from an environment variable that must be set to run the software
Read the secret from a configuration file
Read the secret by talking to a local secret broker
All three of these can work pretty well.
This question already has answers here:
How do you prevent duplicate user properties in Firebase?
(2 answers)
Closed 5 years ago.
I have been making mobile application for iOS and Android platforms and want to prevent this duplicate entries which the apps make. I don't want to this on app side as I'll have to do it on both the platforms.
Then I heard about the rules in the Firebase Database section and I tried couple of them but didn't work out for me.
Please help me with the firebase rules.
If you use Cloud Firestore, you may prevent double record something like this rule, but honestly I did not test it. I wrote it just from Firebase documents :
service cloud.firestore {
match /databases/{database}/documents {
// Checks name is not the same as resource and request data
match /Dealers/{dealer} {
allow write: if request.resource.data.name != resource.data.name;
}
}
}
for more information, check this
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
I'm new to iOS and have just started leaning it. I want to develop a small app for bus passengers where-in all users in the bus must login using the app.
If user is using the app for 1st time, he must sign up . User must enter all details like Name,Age,Emergency Contact,Address,Source,Destination,Phone number etc.
If user already exist, then login with existing user name and password.
All details must be stored somewhere (not sure) and retrievable format.
Here comes all my question and doubts based on above app requirements :
do i need to follow client-server architecture ?(mobile app being client )
where all user details will be stored ( on mobile or server )
when user tries to login, how check if user already exists or not ?
if any communication protocol to be used for mobile app communication then which will be good considering the performance of app should be fast.
mobiles internet data should be available ?
which database to use to store user details ?
considering all above things i need to design my app.
thanks
I will try to give some points to start from.
1) I think yes (its really depends what you want to achive but if you only want to get/pos resources to/from server, http request should be enough to start from).
2,6) Depends which details.
For simple details which no need in protection NSUserDefaults Sqlite or Core data can fit. (also there are some nice wrappers for them for instance TMcache, you will need to investigate it).
If you need to save private details you will probably need to use keychain.(honestly I would avoid saving important details on the device everything can be hacked so try to limit it).
3) One of the common ways which come to my mind is to check in run time if the user already logged in is by saving login status in NSUserdeFaults and check it in - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions. If you need to check Existence of user in your system than probably some server help will be need.
4) Please refer to apple Docummentation NSURLSession should fit.Also AFNetworking is really good library.
Edit:
5) Usually IOS will use Current Internet Connection which is available and more efficient for the system it will start with WIFI then CellularData (Check Reachability for testing availability of internet connection its also included in AFNetworking library) .
-All those questions/answers can be found on stack.Hope I helped.
List of common IOS frameworks
This question already has answers here:
How to find issues that at some point has been assigned to you?
(12 answers)
Closed 9 months ago.
I am trying to create JIRA filter as below
project = "ProjectA" AND status = Done
The problem is I am just a developer. Hence, all I do is develop it and then pass it along to tester. At that point the JIRA status changes from "In Progress" to "SIT" ....And finally to "Done".
I want to know how many tasks where actually completed by me in last 5 weeks or so using filter. Is that possible?
You can use the "changed" keyword - see here for details
https://confluence.atlassian.com/display/JIRA/Advanced+Searching#AdvancedSearching-CHANGED