A2Chat / A2ChatBackend

MIT License

Security Liabilities #49

Open KamiKemiKimi opened 3 hours ago

KamiKemiKimi commented 3 hours ago

IMPORTANT TODO: Firebase Firestore/Realtime Rules: allow read and write only for authorized users

TODO 2: Rate limiting: limit how many requests a client can make within a time frame

TODO 3: Cross-Origin Resource Sharing: prevent Postman or unauthorized websites from accessing the API
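As an added illustration of the first TODO (this is not code from the A2ChatBackend repository), a Firestore ruleset that shows the wide-open development rule beside a hardened one; the `users` and `lobbies` collections and the `ownerId` field are assumed names, not taken from the project:

```firestore
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // WEAK: the typical "test mode" rule. Any client, signed in or not,
    // can read and overwrite every document. Leave this commented out.
    // match /{document=**} {
    //   allow read, write: if true;
    // }

    // HARDENED: a user document is readable and writable only by the
    // signed-in user whose uid matches the document id.
    // (collection name "users" is an assumption)
    match /users/{userId} {
      allow read, write: if request.auth != null
                         && request.auth.uid == userId;
    }

    // HARDENED: any signed-in user may read a lobby, but only the owner
    // recorded in the document may create, update or delete it.
    // (collection name "lobbies" and field "ownerId" are assumptions)
    match /lobbies/{lobbyId} {
      allow read: if request.auth != null;
      allow create: if request.auth != null
                    && request.resource.data.ownerId == request.auth.uid;
      allow update, delete: if request.auth != null
                            && resource.data.ownerId == request.auth.uid;
    }

    // Any path not matched above is denied: Firestore rules are deny-by-default,
    // so no explicit catch-all deny is needed.
  }
}
```

Check the result with the Firebase Emulator Suite rules playground before deploying, trying both an unauthenticated request and a request from a second uid against another user's document.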

KamiKemiKimi commented 3 hours ago

Also remove all logging that involves user IDs, lobby IDs, or JWT tokens