Exadra37

Exadra37

Firebase - Why Firestore Encourages Bad Security?

What is Firestore?

Firestore is one of many products in the Firebase product line. Firestore is a document-based NoSQL database. Firebase Auth integrates with Firestore to provide authentication/authorization functionality.

Why Firebase?

The benefit of using Firestore is that developers don’t have to deal with the hassle of managing servers, creating a backend, or scalability. All of that is handled by Firebase. As such, Firestore is often used by frontend developers.

Conclusion

Firestore is fundamentally flawed. By eliminating the logical layer, Firestore makes it nearly impossible to use it securely. Firestore security rules are an inadequate band-aid solution and cloud functions defeat the purpose of using Firestore.

There are very few situations where Firestore will be an adequate solution. I’d only recommend using it only extremely small and simple applications or mock applications, but even so, you may run into security limitations.

Where Next?

Popular General Dev topics Top

emoragaf
Hey all, I blogged about using pattern matching to replace conditional checks (post in Spanish)
New
emoragaf
Hi again, this time I blogged about creating a development environment for elixir using Docker (post in Spanish)
New
New
Exadra37
I came across a video where the Vice Chairman of Morgan Stanley, Carla Harris was interviewed…. She said something that struck my nerves...
New
New
ErlangSolutions
If you were unable to join us recently for Code Mesh V conference you can catch up with our full suite of talk videos, QandA sessions and...
New
elbrujohalcon
This is what we’ve been doing in our last HackWeek at NextRoll with @maco and @pablocostass Now you can add typespecs to your modules us...
New
fredwu
Hi folks, I wrote a blog post the other day on how I built my MVP in 3 months whilst having a day job, using Elixir/Phoenix/LiveView. Th...
New
SubeeTalks
Agent Workflows offer a solution to automate repetitive business tasks traditionally handled by knowledge workers, enhancing operational ...
New
kjwvanijk
https://medium.com/@kjw.vandijk_98810/cardano-meets-elixir-and-phoenix-liveview-956fdfa69931
New

Other popular topics Top

AstonJ
There’s a whole world of custom keycaps out there that I didn’t know existed! Check out all of our Keycaps threads here: https://forum....
New
New
PragmaticBookshelf
Build highly interactive applications without ever leaving Elixir, the way the experts do. Let LiveView take care of performance, scalabi...
New
DevotionGeo
The V Programming Language Simple language for building maintainable programs V is already mentioned couple of times in the forum, but I...
New
AstonJ
We’ve talked about his book briefly here but it is quickly becoming obsolete - so he’s decided to create a series of 7 podcasts, the firs...
New
AstonJ
If you get Can't find emacs in your PATH when trying to install Doom Emacs on your Mac you… just… need to install Emacs first! :lol: bre...
New
PragmaticBookshelf
Build efficient applications that exploit the unique benefits of a pure functional language, learning from an engineer who uses Haskell t...
New
AstonJ
Was just curious to see if any were around, found this one: I got 51/100: Not sure if it was meant to buy I am sure at times the b...
New
New
AstonJ
Curious what kind of results others are getting, I think actually prefer the 7B model to the 32B model, not only is it faster but the qua...
New