Backend authentication - Githubissues

amrrsharaff / RelationTips

0 stars 0 forks source link

Open victorgutemberg opened 5 years ago

victorgutemberg commented 5 years ago

Add user authentication to GraphQL
Another alternative is to use Firebase Firestore instead to save the data. This would be a good option if we plan to support synchronization in real time.

victorgutemberg commented 5 years ago

In constants/GraphQL.js the server access key is exposed. Since the app can be unassembled, the secret could be read and used to access all the data.

After the backend authentication is done, the server access key can be removed and the user access token is used instead.