Upgrade to Pro — share decks privately, control downloads, hide ads and more …

firebase-meetup-#11-2019-02-18

Tomokazu Kozuma
February 18, 2019
Programming
6
1.8k

 firebase-meetup-#11-2019-02-18

Tomokazu Kozuma

February 18, 2019
Tweet

More Decks by Tomokazu Kozuma

See All by Tomokazu Kozuma
google-inside-fintech-2019-06-10
tomokazukozuma
1
650
PORT-Firebase × Blockchain-2019-05-21
tomokazukozuma
2
250
ginco-engineer-meetup-2019-04-11
tomokazukozuma
4
3k
blockchain.tokyo#18-2019-03-26
tomokazukozuma
3
1.8k
KyberNetwork-DEX-research2-at-Neutrino-2018-11-12.pdf
tomokazukozuma
0
1.6k
career-event-by-techbowl-at-mercari-2018-11-07.pdf
tomokazukozuma
0
1.3k
Backend of Cryptocurrency Wallet and Ginco integrated with DEX KyberNetwork
tomokazukozuma
7
7.2k

Other Decks in Programming

See All in Programming
Semantic Kernel(C#)でAzure OpenAI ServiceのGPT-4を使ってみる
tomokusaba
1
170
SPAでもデータをURLでシェアしたい / Kyoto.js 19
utgwkk
1
170
KubeCon + CNCon Europe 2023 Recap Flux Beyond Git: Harnessing the Power of OCI
ksudate
0
310
コンテナ環境でのJavaチューニング
kazumura
2
400
Go1.19から始めるGCのチューニング方法
hagatake
0
120
Webエンジニアに転生したらCSS魔導士になった件
satoshi7190
2
2.5k
AWS CDKとZodを活用したバリデーションパターン集 / validation patterns with cdk and zod
gotok365
3
1k
sync.Mutexの仕組みを理解する
ffjlabo
1
600
多様なプロトコルと 駆動モデルをサポートするIoTゲートウェイの開発と運用の知見
takesinoda
0
530
FSE時代におけるWEBサイト制作の研究 #wpshinshu / 2023-05-20 Shinshu WordPress Meetup vol.23
torounit
0
230
AWS CDKのあるあるお悩みに答えたい
tmokmss
5
1.4k
Github CopilotとChatGPTを使って感じた使い分けの糸口 / JavaDo #22
gishi_yama
0
180

Featured

See All Featured
How GitHub (no longer) Works
holman
299
140k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
110
17k
Code Reviewing Like a Champion
maltzj
508
38k
Teambox: Starting and Learning
jrom
124
8k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
13k
Done Done
chrislema
178
15k
VelocityConf: Rendering Performance Case Studies
addyosmani
317
22k
Building Better People: How to give real-time feedback that sticks.
wjessup
346
18k
Designing the Hi-DPI Web
ddemaree
273
33k
How To Stay Up To Date on Web Technology
chriscoyier
779
250k
The Mythical Team-Month
searls
211
41k
Art Directing for the Web. Five minutes with CSS Template Areas
malarkey
197
11k

Transcript

  1. 'JSFTUPSFSVMFTͷӡ༻ͱ
    -PDBM&NVMBUPSΛ࢖ͬͨςετ
    Tomokazu Kozuma
    2019 / 02 / 18 / MON
    Firebase Meetup #11

    View Slide

  2. A B O U T M Y S E L F
    ࣗݾ঺հ
    Tomokazu Kozuma
    @Tomokazu106
    ౦ژ޻ۀେֶେֶӃଔۀޙɺαΠόʔΤʔδΣϯτͰεϚϗήʔϜͷαʔόɺΠϯ
    ϑϥશൠΛ୲౰ɻԾ૝௨՟ʹ͍ٕͭͯज़ϒϩάΛॻ͍ͯΔ͏ͪʹ຅಄͠ɺຊ৬ͱ
    ͯ͠஫ྗ͢ΔͨΊʹ(JODPʹೖࣾɻ(JODPͰ͸ϒϩοΫνΣʔϯͷϊʔυӡ༻ɺϋʔ
    υϑΥʔΫରԠɺόοΫΤϯυͳͲ޿ൣғΛ୲౰ɻ

    View Slide

  3. Company Profile

    View Slide

  4. ·ͱΊͯͻͱͭʹ
    BITCOIN
    Blockchain
    BITCOIN
    CASH
    Blockchain
    LITECOIN
    Blockchain
    XRP(Ripple)
    Blockchain
    ETHEREUM
    CLASSIC
    Blockchain
    ETHEREUM
    Blockchain

    View Slide

  5. ෳ਺ͷԾ૝௨՟Λ·ͱΊͯ؅ཧ

    View Slide

  6. T I T L E T E X T
    શମߏ੒

    View Slide

  7. ֓ཁ
    • 'JSFTUPSFͰى͍ͬͯ͜ΔηΩϡϦςΟ໰୊
    • (JODPͷSVMFTӡ༻ͷมભ
    • -PDBM&NVMBUPSΛ࢖ͬͨςετ
    A G E N D A

    View Slide

  8. 'JSFTUPSFͰى͍ͬͯ͜Δ໰୊
    P A R T 1

    View Slide

  9. S e c u r i t y P r o b l e m
    ԯ݅ͷػີ৘ใ͕ެ։͞Ε͍ͯΔ
    • 'JSFCBTF%BUBCBTFΛ࢖͍ͬͯΔ಺ͷ͕࿙Ӯ
    • ݪҼ͸SVMFTΛ͖ͪΜͱઃఆͰ͖͍ͯͳ͍
    h t t p s : / / w w w . a p p t h o r i t y . c o m / c o m p a n y / p r e s s / p r e s s - r e l e a s e s / 6 2 - o f - e n t e r p r i s e s - e x p o s e d - t o -
    s e n s i t i v e - d a t a - l o s s - v i a - f i r e b a s e - v u l n e r a b i l i t y

    View Slide

  10. 'JSFTUPSFͷηΩϡϦςΟجૅ
    • ΫϥΠΞϯτ͔Β௚઀'JSFTUPSFΞΫηεͰ͖Δ
    • ΞΫηεʹ͸"1*Ωʔ͕ඞཁ
    • "1*Ωʔ͸ΫϥΠΞϯτʹຒΊࠐΉͷͰ୭Ͱ΋ΈΕΔ
    • ୭Ͱ΋ΞΫηεͰ͖Δ͔ΒSVMFTͰ੍ޚ
    A b o u t F i r e s t o r e

    View Slide

  11. 'JSFTUPSFSVMFT
    • SFBEXSJUFݖݶ
    • σʔλͷόϦσʔγϣϯ
    T I T L E T E X T
    Firestore
    Cloud
    3VMFT
    "1*ΩʔͰΞΫηε

    View Slide

  12. • SFBE୯ҰEPDΛऔಘ͢ΔHFUͱෳ਺औಘ͢ΔMJTU
    • XSJUFDSFBUF VQEBUF EFMFUF
    SFBEXSJUFݖݶ
    R e a d R e s t r i c t i o n
    match /Users/{uid} {
    allow get: if someCondition();
    allow create: if someCondition();
    }
    function someCondition() { … }

    View Slide

  13. • ϦΫΤετσʔλɿSFRVFTUSFTPVSDFEBUB
    • 'JSFTUPSFσʔλɿSFTPVSDFEBUB
    • ܕɿJOU TUSJOH CPPM UJNFTUBNQͳͲ
    • LFZɿIBT"MM IBT0OMZ IBT"OZ
    σʔλͷόϦσʔγϣϯ
    D a t a V a l i d a t i o n
    match /Users/{uid} {
    allow update: if
    request.resource.data.keys().hasAll(["name", "age"])
    && request.resource.data.name is string
    && request.resource.data.name != ""
    && request.resource.data.age == resource.data.age
    }

    View Slide

  14. 5
    S e t t i n g s e c u r e r u l e s
    ػີσʔλ͸ผ֊૚ผSVMFTʹ͢Δ
    ϫΠϧυΧʔυͰͷSVMFTઃఆʹؾΛ͚ͭΔ
    ৘ใ࿙Ӯ͠ͳ͍ͨΊͷSVMFTઃఆ

    View Slide

  15. • ผ֊૚ʹͯ͠SVMFTઃఆΛݫ͘͢͠Δ
    ػີσʔλ͸ผ֊૚
    D i v i d e S e c r e t D a t a
    match /Users/{uid} {
    // ೝূࡁϢʔβʹެ։
    allow read: if isAuthUser();
    // ࣗ෼ͷσʔλ͚ͩʹΞΫηεՄ
    match /Private/Info {
    allow read: if isMyData(uid);
    }
    }
    function isMyData(uid) {
    return request.auth.uid == uid;
    }

    View Slide

  16. ϫΠϧυΧʔυͰͷSVMFTઃఆ
    • ϫΠϧυΧʔυͰෳ਺SVMF͕ద༻͞ΕͯڐՄ͞ΕΔ
    U s i n g w i l d c a r d
    match /Users/{uid} {
    // ৚݅1
    match /{allChildren=**} {
    allow read: if isAuthUser();
    }
    // ৚݅2
    match /Private/Info {
    allow read: if isMyData(uid);
    }
    }
    function isMyData(uid) {
    return request.auth.uid == uid;
    }

    View Slide

  17. (JODPͷSVMFTӡ༻ͷมભ
    P A R T 2

    View Slide

  18. ϦϦʔεॳظ
    • ϦϦʔε౰ॳ͸SVMFTͷςετ͕ͳ͔ͬͨ
    • σϓϩΠ͔ͯ͠Βಈ࡞νΣοΫͳͷͰ͕͔͔࣌ؒΔ
    • ։ൃ؀ڥʹӨڹΛ༩͑ͯ͠·͏
    E a r l y S t a g e

    View Slide

  19. ϦϦʔεதظ
    • SVMFT͕ߦΛ௒͑͸͡Ίͯมߋ͕ࠔ೉ʹͳ͖ͬͯͨ
    • SVMFTΛมߋͰ͖ΔΑ͏ʹςετίʔυΛ࣮૷
    • ςετ͢Δʹ͸ςετ༻ͷ'JSFCBTF1SPKFDU͕ඞཁ
    M i d d l e S t a g e

    View Slide

  20. ςετ1SPKFDUΛ࢖ͬͨςετ

    View Slide

  21. SVMFTͷςετํ๏
    • 'JSFCBTF4%,ʹ͸$MJFOU4%,ͱ"ENJO4%,͕͋Δ
    • $MJFOU4%,͚ͩSVMFT͕ద༻͞ΕΔ
    • +BWB4DSJQU͚ͩͭͷ4%,͕͋Δ
    H o w t o t e s t
    Firestore
    Cloud
    $MJFOU4%, "ENJO4%,
    3VMFT

    View Slide

  22. • UFTUͷͨΊͷ'JSFCBTFϓϩδΣΫτΛ࡞੒
    • 'JSFCBTF"VUIFOUJDBUJPOͰಗ໊ೝূΛ༗ޮԽ
    • ωοτϫʔΫӽ͠ͳͷͰ͕͔͔࣌ؒΔ
    • SVMFTͱςετσʔλͷڝ߹
    ςετ1SPKFDUΛ࢖ͬͨํ๏
    T e s t u s i n g p r o j e c t
    Firestore
    Cloud

    View Slide

  23. ݱࡏ
    • ೥݄ʹ'JSFTUPSF-PDBM&NVMBUPSൃද
    • SVMFTͷςετ͸ϩʔΧϧ؀ڥ͚ͩͰ׬݁
    • ଞਓͷ࡞ۀΛҙࣝ͠ͳͯ͘ྑ͘ͳͬͨͷͰSVMFTͷ௥Ճɺ
    मਖ਼͕͠΍͘͢ͳͬͨ
    P r e s e n t S t a g e

    View Slide

  24. -PDBM&NVMBUPSΛ࢖ͬͨςετ
    P A R T 3

    View Slide

  25. 'JSFCBTF-PDBM&NVMBUPS
    • ςετʹ͸!pSFCBTFUFTUJOHϞδϡʔϧΛ࢖༻
    • ೝূະೝূΞΧ΢ϯτɺ"ENJOΞΧ΢ϯτΛ؆୯ʹར
    ༻Ͱ͖Δ
    • ςετσʔλͷڝ߹͠ͳ͍͠ɺUSVODBUF͠ͳ͍͍ͯ͘
    • ςετ࣮ߦ͕࣌ؒʹ࡟ݮ
    L o c a l E m u l a t o r

    View Slide

  26. L o a d r u l e s
    SVMFTͷϩʔυ
    import * as firebase from ‘@firebase/testing’
    // rulesͷϩʔυ
    firebase.loadFirestoreRules({
    projectId: 'test-project-00',
    rules: fs.readFileSync("firestore.rules", "utf8")
    })
    • SVMFTͷϩʔυ͸೚ҙͷQSPKFDU*EͰͰ͖Δ
    • QSPKFDU*EผʹݸผͷσʔλۭؒΛ࣋ͯΔ
    • ςετຖʹQSPKFDU*EΛมߋ͢Ε͹·ͬ͞Βͳঢ়ଶ

    View Slide

  27. • ෳ਺ͷೝূΞΧ΢ϯτΛಉ࣌ʹѻ͑Δ
    L o a d r u l e s
    ΞΧ΢ϯτ࡞੒
    // ೝূࡁΞΧ΢ϯτ
    const firestore = firebase
    .initializeTestApp({
    projectId: ‘test-project-00',
    auth: {uid: ‘test-account’}
    })
    .firestore();
    // AdminΞΧ΢ϯτ
    const adminFirestore = firebase
    .initializeAdminApp({
    projectId: 'test-project-00',
    auth: ‘admin-account’
    })
    .firestore();

    View Slide

  28. ·ͱΊ
    • SVMFTͷઃఆͰجຊతʹ৘ใ࿙Ӯ͸๷͛Δ
    • ػີ৘ใ͸֊૚Λ෼͚ͯϫΠϧυΧʔυΛଟ༻͠ͳ͍
    • SVMFTͷςετ͸-PDBM&NVMBUPSͰޮ཰Խ
    S u m m a r y

    View Slide