The World’s Largest Online Community for Developers
I am creating an app where the user does not have to login and this is also not planned for future. After looking at this video I was pretty shocked as I was simply securing read/write access with request.auth != null. Which only checks if there is any authentication. Video: https://www.youtube.com/watch?v=b7PUm7LmAOw&t
So I went ahead and changed the signInAnonymously to signInWithEmailAndPassword, with a hardcoded email and hardcoded password. In my App. This is not very pleasant and I was looking for a better was to do this. I stumbled accross flutter_secure_storage but I did not fully understand how I store my secret (in this case my password) for every installation of my app.
Is there another best practice how I allow read/write to firebase only from my app?
final FirebaseAuth _auth = FirebaseAuth.instance; //_auth.signInAnonymously(); _auth.signInWithEmailAndPassword(email: "HARDCODEDEMAIL", password: "HARDCODEDPASSWORD");