How to protect my app from hack

question
help
(Mr Ronock) #1

i use this method on fire base someone crack my app and get unlimited coin have any solution to protect my app from hack

Firebase security - is it necessary?
(Cian) #2

Yes…

It will get hacked if you have a public read and write.

What should I do to secure the data in my Firebase Project?

Use Firebase Authentication 3.0 extension.

[Free] Firebase Authentication V.3.0 (Update link) #ThunkableClassicExtensions

Hi, everybody! mirxtrem apps here, bringing you the lastest update for this extensions. Suscribe to my channel for tutorials: Firebase Tutorial in course New Features: Federated identity provider integration (to use with FacebookLogin and GoogleLogin extensions). [image] Update profile: You can update a user’s profile (display name / photo URL). [image] Error to compile apk fixed. Download it here: com.mirxtremapps.FirebaseAuth.aix (37.8 KB) Thanks! Firebase Auth Tutorial - Si…

DB security is established by a combination of rules and authentication. Assuming you have authenticated with the above extension here are the different ways to setup rules.

Test/No security. Anybody can read or write

“rules”: {
“.read”: true,
“.write”: true
}

Locked Up/Full security. Nobody can read or write

“rules”: {
“.read”: false,
“.write”: false
}

Only authenticated users can read and write

“rules”: {
“.read”: “auth != null”,
“.write”: “auth != null”
}

Read All, only write their own

“rules”: {
“posts”: {
“.read”: “auth != null”,
“$uid”: {
“.write”: “$uid === auth.uid”
}
}
}

Read and write their own

“rules”: {
“posts”: {
“$uid”: {
“.read”: “$uid === auth.uid”,
“.write”: “$uid === auth.uid”
}
}
}

3 Likes
Firebase rules, need help to create
(Mr Ronock) #3

if i use this method is every thing work gd

(Cian) #4

Provided you log people in. Read my post, you need to ensure that individual people have been logged in. With the above they can only write to info in their bucket.

(Mr Ronock) #5

when user watch add point add her wallet thats it so now can you say witch rules are best for me plz say

(Cian) #6

I have no idea what you are talking about.

This is not just about rules. You need to use the Authentication system as well

(Mr Ronock) #7

im new if i give you my aia can you fix my problem plz help me

(Cian) #8

No.

You need to work with the Authentication Extension I provided above. Play with it. I cannot provide help until you have done that piece

You are looking for a quick fix, and it is not quick.

1 Like
(Mr Ronock) #9

ok try if you have any tutorial send me link plz

(Cian) #10

Mate if you clicked on the link you would see there was a tutorial video already there.

Do some work please.

2 Likes
(Pme) #11

Can we use Kodular built in auth? For secure access?

(Cian) #12

Not currently . It does not have the token management