Some questions about Firebase

Kwiqchat · April 28, 2020, 4:14pm

An advance thank you to everyone who takes the time to read this and reply.

Please note I have searched the forum thoroughly and not found satisfactory answers.

First I will explain about my app. I am developing a chat app in which you can chat with random people anywhere in the world. Everything is completely anonymous.

You open the app and press the CHAT button. This will put you into a chat room with another user so you can have a one-to-one chat. All chat rooms currently only support 2 people. This way you can have more intimate conversations.

All chats are via Firebase. So when User 1 writes a message it is uploaded to Firebase and shows on User 2’s phone. When User 2 writes a message it overwrites the existing message (by User 1) in Firebase and the new message is shown on User 1’s phone. A chat history is therefore only stored on the phones themselves. The only thing Firebase stores is the latest message.

The app does not need a user to log in. It foes not save user names, email addresses, locations etc. (I will place ads in the app and third party services may track such things but my privacy policy will make that clear.)

Now for my question:

At the moment the Firebase Rules are set to public so anyone can read and write. Apparently this means anyone access the database. However, I am not storing any user information on Firebase. The only thing that is stored is the latest message. What should my rules be?

I have a few other questions but I will ask them depending on the answer to this.

The_K_Studio · April 28, 2020, 6:38pm

You can keep your rules to read and write true.

No one can modify your firebase database without you and without api key.

Kwiqchat · April 28, 2020, 8:19pm

Thank you for your reply.

So does this mean that there are only 2 ways to hack into my Firebase account:

By hacking my actual Google account that is linked to Firebase. For this a hacker would need my google user name and password.
Using the api key.

Is this correct?

If so please tell me what the api key is as I have not used one.

The_K_Studio · April 29, 2020, 4:00am

API key is provided by firebase to access the database.

When you get started with firebase by creating account, your api key is generated.

You have to copy and paste it in your app.

Search ‘firebase database in Kodular’ on YouTube, you will get step by step guide on how to set up firebase in Kodular app.

Its easy.

Kwiqchat · April 29, 2020, 5:05am

Is the api same as the Firebase url?

Because if so, then I already have that.

Alapjeet · April 29, 2020, 5:19am

Go & Read…

Arthurzinho_Lider_Nato · April 29, 2020, 5:20am

Nope! You can find firebase api key at setting, like this:

Kwiqchat · April 29, 2020, 5:54am

I’ve found the Web API Key.

However, I haven’t used it in my app and can’t see anywhere for me to put it in the designer or blocks. All I’ve used is the url and the app seems to be working.

Arthurzinho_Lider_Nato · April 29, 2020, 6:04am

You use the API key to use the firebase database. You should put it here:

Kwiqchat · April 29, 2020, 6:05am

Which bit do I put it in? There’s nowhere there that asks for API Key.

Arthurzinho_Lider_Nato · April 29, 2020, 6:10am

It’s the firebase token at firebase database component

Kwiqchat · April 29, 2020, 6:16am

So Firebase Token in the designer is the same as the Firebase Web API Key?

When I added Firebase component to my app it already had Firebase Token filled in. Why was this?

And does it mean I need to put my own API key into the Firebase Token?

Arthurzinho_Lider_Nato · April 29, 2020, 6:33am

Yes firebase token its the same of API key and you need to put your own in that box. The number that is alredy there is a random number (I think).

Kwiqchat · April 29, 2020, 6:38am

What will happen if I use the one that is already provided?

Arthurzinho_Lider_Nato · April 29, 2020, 6:50am

Don’t have idea, but I guess that something will not work. The API key of firebase would not exist if that from kodular works.

Kwiqchat · April 29, 2020, 7:01am

It’s strange because I’ve been using the Token provided by Kodular when you add the Firebase component and my app works. The chat system works fine.

Also the Web API is much shorter than the Token so I’m not sure that you put the Web API in the Firebase Token box in the designer.

Arthurzinho_Lider_Nato · April 29, 2020, 7:03am

Okay then

Kwiqchat · April 29, 2020, 7:20am

I’ll create a new topic later on about the Token because I’ve got some questions about it.

The_K_Studio · April 29, 2020, 7:25am

Thats why i asked you to search about firebase database in Kodular’ on YouTube.

For new user, it is difficult to understand about online databases. I have also learnt about firebase from YouTube videos.

There are lots of tutorial videos which tells you how to set up all step by step.

This might help you:

Kwiqchat · April 29, 2020, 7:32am

Thanks, I’ll watch that later.