Firebase rules with kodular

kachaya_applications · June 29, 2020, 8:48am

I followed many topics in community. but didn’t got clear idea about this case. That is why I posting.

These days I developing application with kodular with firebase realtime database. It has no login or registration process. Anyone who uses the application can view the data. I set my firebase real time database rules as below.

“.read”: true, “.write”: false

But now the problem is anyone who has my firebase database url can access the database to read data. I need to prevent it and needs only to allowing reading data only from my app? how can I do this?

further more, what is firebase token in firebase extension in kodular? tutoarial videos says web api key is the firebase token. but app works fine even with kodular automatically generated token. then what is the purpose of this token??

devanshvinayak9 · June 29, 2020, 9:50am

You can use this inbuilt block to protect your URL and token up to an extent

If you want more security so you can use paid method by taifun

https://puravidaapps.com/aes.php

Vishwas · June 29, 2020, 9:53am

Hi
Your database URL isn’t a secret key that is to be protected. You should formulate your rules such that read/write access is given only to those who are authenticated.

This guide will help you
https://docs.kodular.io/guides/component-examples/firebase-rules/

GaryH · June 29, 2020, 7:33pm

Check out this thread, Hope it helps.

Boban · April 17, 2021, 11:46am