the-road-to-react-with-firebase / react-firebase-authentication

🔥 Boilerplate Project for Authentication with Firebase in React.
https://www.robinwieruch.de

Security issues: Missing Firebase db security rules #23

Closed edguerrade closed 5 years ago

edguerrade commented 5 years ago

I'm concerned that there is no mention (or I don't see it) of security rules on the Firebase db. I know this is a kind of boilerplate or introductory tutorial, but if the focus is on React + Firebase it should be a must!

It would be so helpful to add some rules, i.e:

I'm introducing myself to Firebase, reading the security documentation, trying to manage those rules but, despite the simplicity, it's a little confusing without a real example. Maybe anyone could shed light on this matter.

Sorry about my English (I'm trying to improve it). Thanks a lot @rwieruch for your work!
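The kind of rules the issue asks for, as an added example that is not part of the issue, the book or the project's repository. It assumes the boilerplate uses the Realtime Database (not Firestore) and stores each profile under `users/<uid>` with `username`, `email` and an optional `roles` object whose keys are role names such as `ADMIN`; those paths are assumptions made for this example. The risk it addresses is a database left in "test mode", where the rules are simply `".read": true, ".write": true` and any client holding the public web config can read and overwrite every profile. The rules below default to deny, let a signed-in user read and write only their own node, let an admin read the whole `users` tree, and reject any client write that creates or changes a role leaf:

```json
{
  "rules": {
    ".read": false,
    ".write": false,
    "users": {
      ".read": "auth != null && root.child('users').child(auth.uid).child('roles').child('ADMIN').exists()",
      "$uid": {
        ".read": "auth != null && auth.uid === $uid",
        ".write": "auth != null && auth.uid === $uid",
        ".validate": "newData.hasChildren(['username', 'email'])",
        "username": {
          ".validate": "newData.isString() && newData.val().length > 0 && newData.val().length <= 64"
        },
        "email": {
          ".validate": "newData.isString() && newData.val() === auth.token.email"
        },
        "roles": {
          "$role": {
            ".validate": "newData.val() === data.val()"
          }
        }
      }
    }
  }
}
```

Two points worth checking when adapting this: Realtime Database permissions cascade downward, so a `.write` granted at `$uid` cannot be taken back by a `.write: false` on `roles`; the example therefore blocks role changes with `.validate` (a new or altered role leaf never equals the stored value, so the write fails), and roles are expected to be assigned server-side with the Admin SDK, which bypasses these rules. The `email` validation ties the stored address to `auth.token.email`, so a user cannot write someone else's address into their own profile. The Firebase console's rules simulator and the Emulator Suite let you exercise each path as an anonymous client, as the owner and as another signed-in user before deploying.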

rwieruch commented 5 years ago

Hello @edguerrade

Regarding the security rules I am opinionated, because I don't want to play into Firebase's (Google's) hands by just relying on their system-tailored solution. In the long run, I want to avoid vendor lock-in. That's why I like to give users roles and permissions myself, as described in this chapter of the book https://www.robinwieruch.de/react-firebase-authorization-roles-permissions/ , because then you can always migrate everything to your own database. I hope this statement makes sense. Let me know what you think about it.

After talking to @edguerrade about this issue, I agree that this needs to be addressed. See https://github.com/the-road-to-react-with-firebase/react-firebase-authentication/pull/26

Best, Robin