Fire safety

I am new to Firebase and trying to develop an Ionic2 application using Firebase + Firebase Storage with angularfire2.

I have several PDF files to store, as well as a URL in the Firebase database.

I have an authenticated user in the application through Firebase Auth.

Now, when the user downloads the file on his mobile device, the system will receive the file's downloadUrl, and a smart user will be able to view it through NeoLoad or any other tool. Then he can just share this direct file URL with anyone, and they can download this PDF without the application.

1- I want to know if it is possible to restrict access to the file to the application only, so that even someone who has the file URL cannot download it.

2- Is it possible to generate a dynamic URL that expires after a while, or a URL that works only for a specific user?

Thanks

1 answer

UPDATE

Looking at this issue, it looks like Firebase supports signed URLs. You can use them to limit the time during which the URL can be used to access your files. Since you only want them to use the app, they can expire pretty quickly. You can read about them here:

Create Signed URLs Using the Program

This page describes how to programmatically create signed URLs, which are the query string authentication mechanism for buckets and objects. Signed URLs are one way to control access to buckets and objects. The signed URL is associated with a bucket or object and provides limited time access to read or write to this particular resource. Anyone with a URL has access granted by the URL, regardless of whether they have a Google account.

To learn more about Signed URLs, read "Signed URL Overview". To learn how to quickly create signed URLs using gsutil, read "Creating Signed URLs using gsutil".

Signed URLs

This page provides an overview of signed URLs, which are a query string authentication mechanism for buckets and objects. Signed URLs provide a way to give time-limited read or write access to anyone who has the URL, regardless of whether they have a Google account. To learn how to create a signed URL, read "Creating Signed URLs Using gsutil" and "Creating Signed URLs Using a Program". For other ways to control access to buckets and objects, read the Access Control Overview.

Based on the documentation: "Getting Started with Storage Security Rules", "Understand Firebase cloud security rules" and "Learn how to protect files".

You can set security rules for Firebase storage just like database rules. This should prevent an unauthenticated user from accessing your files.

Hope this helps

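The expiring, per-user URL asked about in question 2, shown as an added example that is not part of the original question or answer. It is a simplified HMAC-based illustration of query-string authentication, not the signing scheme Cloud Storage itself uses, and it assumes a server endpoint you control that serves the files and has already authenticated the caller; the key, host, paths and function names are hypothetical.

```javascript
const crypto = require('crypto');

// Constructed demo key (assumption); a real server loads this from a secret store.
const SECRET = Buffer.from('constructed-demo-key-not-for-production');

// HMAC-SHA256 over exactly what the URL grants: object path, user, expiry.
function mac(path, uid, expires) {
  return crypto.createHmac('sha256', SECRET)
    .update(`${path}\n${uid}\n${expires}`)
    .digest('hex');
}

// Issue a URL for one user that stops working ttlSeconds after nowMs.
function signUrl(path, uid, ttlSeconds, nowMs = Date.now()) {
  const expires = String(Math.floor(nowMs / 1000) + ttlSeconds);
  const q = new URLSearchParams({ uid, expires, sig: mac(path, uid, expires) });
  return `${path}?${q}`;
}

// Server-side check before streaming the file. sessionUid is the user the
// server authenticated for this request (for example from a verified ID token).
function verifyUrl(url, sessionUid, nowMs = Date.now()) {
  const u = new URL(url, 'https://files.example.invalid'); // placeholder host
  const uid = u.searchParams.get('uid') || '';
  const expires = u.searchParams.get('expires') || '';
  const sig = Buffer.from(u.searchParams.get('sig') || '', 'hex');
  const expected = Buffer.from(mac(u.pathname, uid, expires), 'hex');
  // Constant-time compare; check length first because timingSafeEqual throws on mismatch.
  if (sig.length !== expected.length || !crypto.timingSafeEqual(sig, expected)) {
    return 'bad-signature';
  }
  if (nowMs / 1000 > Number(expires)) return 'expired';
  // Without this binding, anyone holding the URL keeps access until it expires.
  if (uid !== sessionUid) return 'wrong-user';
  return 'ok';
}
```

The `wrong-user` check only has meaning when the request also carries the caller's own credentials; a plain signed URL, as the quoted documentation says, grants access to anyone who holds it until it expires.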

Source: https://habr.com/ru/post/1271502/

