Firebase-如何使用前端JS隐藏令牌.它有多安全 [英] Firebase - how to hide the token using frontend JS. How secure is it
问题描述
我正在使用Firebase开发Web ap,我想使用JS直接从前端将其连接,因此避免使用中间层.所以我的问题基本上是我该如何使用Firebase进行安全实施以及如何隐藏将在Javascript上公开的凭据
I am developing a web ap with firebase and I want to connect it directly from the frontend using JS so I avoid to have a middle layer. So my question is basically how can I do a secure implementation with firebase and how can I hide the credentials that will be exposed on Javascript
推荐答案
您永远不会在客户端上存储凭据.请参阅此概述,以快速了解Firebase中安全性的工作原理: https://www.firebase .com/docs/security-quickstart.html
You never store credentials on the client. See this overview for a quick summary of how security works in Firebase: https://www.firebase.com/docs/security-quickstart.html
如果您不想运行自己的服务器进行身份验证,则可以使用Firebase简单登录服务.简单登录与Facebook,Github,Twitter和Persona集成以提供用户登录.您可以在此处了解有关该服务及其使用方法的更多信息: https://www.firebase.com/docs/security/simple-login-overview.html
If you don't want to run your own server to do authentication, you can use the Firebase Simple Login service. Simple Login integrates with Facebook, Github, Twitter and Persona to provide user login. You can learn more about the service and how to use it here: https://www.firebase.com/docs/security/simple-login-overview.html
这篇关于Firebase-如何使用前端JS隐藏令牌.它有多安全的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!