Security Rules deep dive

In Firebase, you can directly access the backend from your client app - so how can you keep your users' data safe and secure? The short answer is Security Rules! Join Rachel and Sam to learn what Security Rules are and how you can use them to make sure only users can see and change their own data, how to use them to validate your application's data, and some pitfalls you'll want to avoid when implementing them in your app.

Chapters:
0:00 - Introduction
0:27 - How Firebase's architecture differs from traditional application architectures
0:55 - How can you keep your users' data secure in Firebase?
1:27 - Simple and complex Security Rules
2:15 - Match Statements
2:51 - Tip: Avoid Global Rules
3:02 - Tip: Use Rules like a Schema
3:12 - Permissions
3:45 - Tip: Avoid overlapping rules
3:50 - Conditions
4:10 - The Resource object
4:34 - The Request object
5:14 - Using custom functions
5:55 - How to model your data
6:48 - Data Validation
7:29 - Tip: Trusted Environments skip Security Rules
8:33 - Test Security Rules using the Firebase Emulator Suite
9:25 - Use the debug function to debug your rules
9:40 - Use the requests monitor to inspect incoming requests
10:20 - Wrap up and summary

Resources:
Firebase Authentication Documentation → https://goo.gle/3wT2SUn
Firebase Security Rules Documentation → https://goo.gle/30mZ4Mx
How to code review security rules → https://goo.gle/3kDZIiq
Codelab: Protect your data with Firestore Security Rules → https://goo.gle/3Hoh64w
Modeling your Firestore data → https://goo.gle/3qlVKOU

Catch more videos → https://goo.gle/BetterSafethanSorry
Subscribe to Firebase → https://goo.gle/Firebase

#Firebase #Developer #Security #Authentication #Authorization


product: Firebase - Security Rules; fullname: Sam Olsen, Rachel Myers;