Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
3.4k views
in Technique[技术] by (71.8m points)

android - how can i make my database safe when using real-time database firebase?

I am new to Firebase and I want to understand it How do I make Database safe? When i using real-time database, if i make rules like this:

    {
  "rules": {
    ".read": true,
    ".write": true
  }
}

Is this safe?

If it is not safe for my app, how do I make it safe?

What does it mean to add auth (users who have registered) reading and writing in the rules, is it a good way to protect databases, and how do I do this?

If the rules are true, what are the risks that implementation may face and when? What is the alternative? – TaHa M. Younis 22 mins ago


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

The security rules of your app depend almost solely on the business logic of the app. So just like you will have to figure out the code to match your use-cases, you also have to figure out the security rules (and data model) to match your use-cases. There is no way for us to do that for you in a simple Q&A fashion here.

I highly recommend getting started with the Firebase documentation on security rules, which includes an explanation of concepts, how security rules work, and some great examples of common use-cases such as content-owner only access, role-based and attribute-based access control and others.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...