CWC+ Course - Production Mode

Roadmanbean · January 21, 2023, 11:02pm

Hi everyone,
I’ve not bought the course yet but before I do, I want to know whether the course covers the production mode of firebase as I want my security on the app to be production level.

I would also put this is question in the ‘course students forum’ as requested in the read before you post part of this website but I don’t have an order number to get me into the community because I’ve not purchased the course yet. I want to know whether it covers production mode before I do.

Thanks so much.

Chris_Parker · January 22, 2023, 4:38am

@Roadmanbean

Welcome to the community.

What do you understand “Production Level” security to equate to?

mikaelacaron · January 22, 2023, 4:53am

Yes, the course covers setting security rules, which is what’s used to verify users with Firebase Authentication so that only the proper person has access to their own data

Roadmanbean · January 22, 2023, 6:41am

Basically at this part of the Set up firebase video Chris created in 2021.

Setup Cloud Firestore Database 2021 (SwiftUI, Swift Package Manager)

13:45

He sets up the Firebase store in Test mode saying that for actual product it’s best to select production mode.
I want to learn how to use production mode for my application.
Thanks

Roadmanbean · January 22, 2023, 6:44am

For example,
I want users to have to type in a passcode in order to download specific data created by other users. User one tells user two what the password is which will enable user two to download the data which user one has created.

Chris_Parker · January 22, 2023, 6:59am

In that scenario that the screenshot portrays production mode changes the rules assigned to “Cloud Storage” or “Storage”.

The difference being that rules for test and develop are set to something like this:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if
          request.time < timestamp.date(2024, 6, 30);
    }
  }
}

which says that as long as the current date is less than the date specified, you can access the data.

whereas the rules for “production” just means that no one can access the Firebase instance without authentication, ie: loging in

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth != null;
    }
  }
}

so even if you knew the Firebase Cloud storage url (pretty unlikely) you won’t be able to read anything since you won’t be authenticated.

One of the builds on CWC+ covers that and is the Chat App. It’s a course for the advanced user and you need to be confident with Firebase.

Roadmanbean · January 22, 2023, 9:57am

Brilliant. Thanks for letting me know. I shall purchase the course