Require a secure upload-download extension for firebase storage and Db components

Lavanian · November 6, 2020, 4:40am

The firebase storage and database components are GREAT for uploading/downloading activities. They, however, have a major shortcoming in that they work only if the firebase security is open to all . that is
"Allow read; Allow write; (for storage)
OR
“.read”: “auth = null”, (for realtime Db)
“.write”: “auth = null”
This leaves our Db wide-open to hackers and is not fit for production strength applications.

It would be great if some one can create an extension that would require an optional currentUseridToken (taken from firebaseAuth) to connect securely to firebase realtime Db and storage.
An example is given below of the present firebase storage call and how it could be modified.
firestorerequest

This is something worth paying for. Any takers?

iamwsumit · November 6, 2020, 4:44am

are u requesting for a extension

themaayur · November 6, 2020, 4:46am

As you are Requesting for extension, I have changed the Category to #marketplace

golumaths100 · November 6, 2020, 5:01am

Have you tried these rules?
{ "rules": { "some_path": { "$uid": { // Allow only authenticated content owners access to their data ".read": "request.auth != null && request.auth.uid == $uid" ".write": "request.auth != null && request.auth.uid == $uid" } } } }

TimAi2 · November 6, 2020, 8:47am

There is an extension…(PAID)
http://community.appybuilder.com/t/firebaseaddon-extension-to-be-sponsored/2127
This works with mirxtremapps firebase extensions.
No extensions needed if you use the REST api and a Web component
Firebase with a Web Component

Lavanian · November 7, 2020, 5:43am

Sumit1332: Reply to: If it exists, then the link, if not could someone make one?
Maayur: Reply to: Please see above.
Golumatha100: Reply to: Hi, the rules at the firebase cloud end are not the issue, it is the need for ease of upload /download of data from an App designed in Kodular. Presently for a secure upload to the firebase realtime Db, you need to jump through a number of hoops using a very unreliable web component (issues with failed/incomplete/errored uploads). And for Firebase storage, this format will (probably ) not work.

Have no choice but to use this format because the native component (firebase_db) does not have components for a secure upload.
Therefore the need for a secure firebase upload/download component/extension
Thank to all of you for your replies.

Lavanian · November 7, 2020, 6:42am

Thanks Tim, for the heads-up wrt the paid extension. Have found him on Kodular and have PMed him