re: Firebase as simple database to React app VIEW POST

VIEW FULL DISCUSSION
 

Excuse me if I've missed something. But surely having your API key inside the create-react-app will expose your backend to abuse.

Someone with knowledge of JavaScript could easily find the API key within your code and use the key to write whatever they want to the database?

 

Oh none at all, you're right on point. I've also wondered the same thing until I came to this post:

javebratt.com/hide-firebase-api/

I won't put anything into my Firebase project except for this tutorial, so for all purpose I think it will be fine.

code of conduct - report abuse