This project was bootstrapped with Create React App.
put it on top of the testfile an uncomment to get the right Jest types instead of Mocha typings import '@types/jest';
IT IS NECESSARY TO RELOAD THE BROWSER WITNODOW ON SIGN OUT FROM THE FIREBASE APP
FIREBASE DO NOT ALLOW TO SIGN UP IN ANOTHER APPLICATION IF WAS SIGNED IN ANOTHER BEFORE FOR AN UNKNOWN REASON (may be cause the default application was deleted)
FIREBASE DO NOT ALLOW TO USE THE SAME EMAIL, WHEN AUTHORIZED ON A DIFFERENT APPS FOR AN UNKNOWN REASON
IT IS NECESSARY TO ENABLE AN AUTOHORIZATION IN THE FIREBASE PROJECT
Must be set rules as
{ /* Visit https://firebase.google.com/docs/database/security to learn more about security rules. */ "rules": { ".read": true, ".write": true, "credentials": { ".read": true, ".write": "!data.exists()", ".indexOn": "firebase_user_id" } } }
instead of "credentials" must be a value of the constant "CA_CONNECTION_FIREBASE_UTILS_STORAGE_CREDENTIALS_KEY_PREFIX"
!!It is necessary to set the configuration, to prevent data filtration on the client: ".indexOn": "firebase_user_id"
version of the firebase rules which allowed userId with guid or user login as user id in the user idenitity string
It's for "01" and "02" and version of the user identities. This is default rules.
E.G. for the 'https://protocol-firebase-default-rtdb.firebaseio.com/' realtime database
{
/* Visit https://firebase.google.com/docs/database/security to learn more about security rules. */
"rules": {
".read": "true",
".write": "auth != null",
"credentials": {
"$userID": {
".validate": "!data.exists() && newData.exists() && ($userID.beginsWith('02https:*_S%ë5nN*_S%ë5nNprotocol-firebase-default-rtdb_P%ë5nN*firebaseio_P%ë5nN*com') || $userID.beginsWith('01https:*_S%ë5nN*_S%ë5nNprotocol-firebase-default-rtdb_P%ë5nN*firebaseio_P%ë5nN*com')) && newData.hasChildren(['credentials', 'firebase_user_id']) && newData.child('credentials').isString() && newData.child('firebase_user_id').isString() && newData.child('credentials').val().length < 9000 && newData.child('credentials').val().length > 100 && newData.child('firebase_user_id').val() === auth.uid",
".indexOn": "firebase_user_id",
}
}
}
}
another version of the firebase rules which allowed userId only with the auth.uid in the user idenitity string this version of the rules must be used if the user allowed only a one user identity per account
{
"rules": {
".read": "true",
".write": "auth != null",
"credentials": {
"$userID": {
".validate": "!data.exists() && newData.exists() && $userID === '02https:*_S%ë5nN*_S%ë5nNprotocol-firebase-central-default-rtdb_P%ë5nN*firebaseio_P%ë5nN*com|' + auth.uid + '_D%5nNë*' && newData.hasChildren(['credentials', 'firebase_user_id']) && newData.child('credentials').isString() && newData.child('firebase_user_id').isString() && newData.child('credentials').val().length < 5000 && newData.child('credentials').val().length > 100 && newData.child('firebase_user_id').val() === auth.uid",
".indexOn": "firebase_user_id"
}
}
}
}
The key for the credentials storage value is a crypto hash from the user login The value is salt which is encrypted by the crypto key produced by the login The crypto credentials are encrypted by the login + password
Any database closed once can't be opened till the instance of the SwarmStorage not be reopened. The workaround for it may be the following:
- do not close the databse till the user is logged in or not close a broser's tab.
- all closed databases may be muted.
- in the window.onbeforeunload or on the SwarmStorage 'close' event listener, close all the databases, which were closed before.
for performance reason it's necessary to implement in-memory (or not encrypted) storage for databases
which are like pubsub channels (for example this kind of storage must be used for geolocation sharing or collaborative document editing).
to do not encrypt each key - value, but encrypt all data when loading or closing. All data must be stored in-memory and then replicated to any storage? encrypted. And when a data loaded from the storage it's necessary to ecrypt it.