Exadra37

Firebase - Why Firestore Encourages Bad Security?

What is Firestore?

Firestore is one of many products in the Firebase product line. Firestore is a document-based NoSQL database. Firebase Auth integrates with Firestore to provide authentication/authorization functionality.

Why Firebase?

The benefit of using Firestore is that developers don’t have to deal with the hassle of managing servers, creating a backend, or scalability. All of that is handled by Firebase. As such, Firestore is often used by frontend developers.

Conclusion

Firestore is fundamentally flawed. By eliminating the logical layer, Firestore makes it nearly impossible to use it securely. Firestore security rules are an inadequate band-aid solution and cloud functions defeat the purpose of using Firestore.

There are very few situations where Firestore will be an adequate solution. I’d only recommend using it for extremely small and simple applications or mock applications, but even so, you may run into security limitations.
