Firebaseはロックに使おう / Netadashi Meetup#8 Firebase

Transcript

1. Firebase͸ʮϩοΫʯʹ࢖͓͏ 2019/1/18, Netadashi Meetup#8 w2-yamaguchi

2. ࣗݾ঺հ • w2-yamaguchi • 2015೥ೖࣾ • େखอݥձࣾ޲͚ͷγεςϜ։ൃʹैࣄ • Firebase Japan

   User Group ӡӦ 2 ayubuki

3. ͸ͳ͢͜ͱ! • FirebaseΛ࢖͏্Ͱ஌͓͍ͬͯͯཉ͍͜͠ͱ • ܒ໤తͳ͸ͳ͠ 3 ͸ͳ͞ͳ͍͜ͱ" • ٕज़తͳࡉ͔͍͸ͳ͠

4. FirebaseͷαʔϏε͸͜Μͳʹ͍ͬͺ͍ʂ 4 Crashlytics Performance Monitoring Test Lab Cloud Firestore ML

   Kit Cloud Functions Authentication Hosting Cloud Storage Realtime Database In-App Message Google Analytics Prediction A/B Testing Cloud Messaging Remote Config Dynamic Links App Indexing Build better apps Improve app quality Grow your business ※2019/1/15ʹެࣜϓϩμΫτϖʔδʢhttps://firebase.google.comʣΑΓൈਮ

5. FirebaseͷαʔϏε͸͜Μͳʹ͍ͬͺ͍ʂ 5 Crashlytics Performance Monitoring Test Lab Cloud Firestore ML

   Kit Cloud Functions Authentication Hosting Cloud Storage Realtime Database In-App Message Google Analytics Prediction A/B Testing Cloud Messaging Remote Config Dynamic Links App Indexing Build better apps Improve app quality Grow your business ※2019/1/15ʹެࣜϓϩμΫτϖʔδʢhttps://firebase.google.comʣΑΓൈਮ ࠓ೔͸͜͜Λ࿩͠·͢ʂ

6. Cloud FirestoreΛ࢖ͬͨ͜ͱ͕͋Δਓ 6

7. Cloud Firestoreͷಛ௃ • ॊೈੑ • ߴػೳͳΫΤϦॲཧ • ϦΞϧλΠϜɹΞοϓσʔτ • ΦϑϥΠϯαϙʔτ

   • ֦ுੑͷ͋Δઃܭ 7 ※ެࣜυΩϡϝϯτʢhttps://firebase.google.com/docs/firestoreʣΑΓൈਮ

8. Cloud Firestoreͷߏ଄ • Cloud Firestore ͸NoSQLσʔλϕʔε • PCͷϑΝΠϧγεςϜͷΑ͏ͳߏ଄Λ࣋ͭ͜ͱ͕Ͱ͖Δ 8 {

   "users": { ”user001": { "name": ”user001", "email": ”[email protected]" }, ”user002": { "name": ”user002", "email": " [email protected]" } } } collection document data

9. ֤ΫϥΠΞϯτ͔ΒಡΈॻ͖Ͱ͖Δ • WebɺAndroidɺiOSɺUnity͔Β௚઀ɺಡΈॻ͖͢Δ͜ͱ͕ Ͱ͖Δ 9 SDK

10. Cloud FirestoreͷηΩϡϦςΟػߏ • υΩϡϝϯτ୯Ґʹಠࣗͷݴޠ*1ͰΫϥΠΞϯτ͔ΒͷΦϖ Ϩʔγϣϯ*2Λ੍ޚ͢Δ 10 service cloud.firestore {
 match

    /databases/{database}/documents {
 match /<some_path>/ {
 allow read, write: if <some_condition>;
 }
 }
 } Basics Details Authorization read get ୯ҰυΩϡϝϯτͷಡΈࠐΈݖݶ list ΫΤϦ͓ΑͼίϨΫγϣϯͷಡΈࠐΈݖݶ write create ଘࡏ͠ͳ͍υΩϡϝϯτͷ࡞੒ݖݶ update ଘࡏ͢ΔυΩϡϝϯτͷߋ৽ݖݶ delete ଘࡏ͢ΔυΩϡϝϯτͷ࡟আݖݶ *1 ಠࣗݴޠʹΑΔϧʔϧͷهड़ *2 ੍ޚͰ͖ΔΦϖϨʔγϣϯ

11. Cloud Firestoreͷਏ͍ͱ͜Ζ • ηΩϡϦςΟϧʔϧ͕ΊΜͲ͍͘͞ • ΫΤϦ͕ශऑʢࠓ೔͸࿩͞ͳ͍ʣ 11

12. ΍Γ͕ͪͰ͢ΑͶɻɻɻʁ 12

13. 69%ͷਓ͕ςετϞʔυͰ࢝ΊͯΔ ஫ʣݸਓௐ΂ 13 ςετϞʔυ  ϩοΫϞʔυ  Twitter্ͷΞϯέʔτʹΑΔௐࠪ݁Ռʢճ౴ਓ਺ɿ55໊ʣ https://twitter.com/ayubuki/status/1085164645441187840

14. 合計1億件以上の個人情報がFirebaseの脆 弱性によって公開状態に ݪจʣ62% of Enterprises Exposed to Sensitive Data Loss

    via Firebase Vulnerability - Appthority 14 https://gigazine.net/news/20180625-firebase-vulnerability-data-loss/ https://www.appthority.com/company/press/press-releases/62-of-enterprises-exposed-to-sensitive-data-loss-via-firebase-vulnerability/

15. 合計1億件以上の個人情報がFirebaseの脆 弱性によって公開状態に ݪจʣ62% of Enterprises Exposed to Sensitive Data Loss

    via Firebase Vulnerability - Appthority 15 https://gigazine.net/news/20180625-firebase-vulnerability-data-loss/ https://www.appthority.com/company/press/press-releases/62-of-enterprises-exposed-to-sensitive-data-loss-via-firebase-vulnerability/ ʜηΩϡϦςΟձࣾͷ"QQUIPSJUZʹΑΔͱɺ͜ͷ੬ऑੑ͸ Firebaseσʔλϕʔεͷೝূ͕ద੾ʹߦΘΕ͍ͯͳ͍ ͱ͖ʹݦࡏԽ͢Δ΋ͷɻ೥ୈ࢛൒ظʹݟ͔ͭͬͨɺ
    ΞϓϦ։ൃऀʹΑΔσʔλ֨ೲͷอޢ͕ෆ׬શͳͱ͖ ʹ৘ใ͕࿐ग़ͯ͠͠·͏ʮ)PTQJUBM(PXOʯͱݺ͹ΕΔ੬ऑੑ ͷมछͰ͋Δͱߟ͑ΒΕ͍ͯ·͢ɻ৘ใΛ࿙Β͍ͯ͠Δʮ੬ऑ ͳΞϓϦʯΛ๊͑Δاۀ͸গͳ͘ͱ΋ར༻ऀͷˋʹ্ΔͱΈ ΒΕͯʜʢൈਮʣ

16. ͭ·Γ͜͏͍͏͜ͱ ஫ʣࢲݟ 16 service cloud.firestore { match /databases/{database}/documents { match

    /{document=**} { allow read, write; } } } service cloud.firestore { match /databases/{database}/documents { match /{document=**} { allow read, write: if request.auth.uid != null; } } } ୭Ͱ΋ಡΈॻ͖Ͱ͖ΔʢʹςετϞʔυͰ։࢝ʣ ೝূࡁΈϢʔβʔ͸ಡΈॻ͖Ͱ͖Δ

17. ΍ͬͯ΄͍͜͠ͱʂ ʬϒϥοΫϦετܕରࡦʭ Φʔϓϯঢ়ଶʢςετϞʔυʣ͔ΒͲ͏ߜ͍͔ͬͯ͘ߟ͑Δ ʬϗϫΠτϦετܕରࡦʭ Ϋϩʔζঢ়ଶʢϩοΫϞʔυʣ͔ΒͲ͏؇Ί͍͔ͯ͘ߟ͑Δ 17

18. Tipsʣ υΩϡϝϯτʹύʔϛογϣϯΛ෇༩ υΩϡϝϯτʹެ։৘ใ͔Ͳ͏͔൑அ͢ΔύʔϛογϣϯΛ ࣋ͨͤΔ 18 service cloud.firestore { match /databases/{database}/documents

    { match /items/{itemID} { allow read: if resource.data.isPublic == true || request.auth.uid == resource.data.uid; allow write: if request.auth.uid == resource.data.uid; } } } items item001 title: pizza isPublic: true item002 title: pasta isPublic: false ެ։৘ใͷΈ શһ͕ࢀরՄೳ

19. 19 Tipsʣެ։৘ใͱൿಗ৘ใͷ෼཭ ϧʔτϨϕϧͷίϨΫγϣϯͰެ։৘ใͱൿಗ৘ใΛ෼͚Δ service cloud.firestore { match /databases/{database}/documents { match

    /users/{userID} { allow read: if request.auth.uid != null; allow write: if request.auth.uid == resource.data.uid; } match /_users/{userID} { allow read, write: if request.auth.uid == resource.data.uid; } } } users _users user001 name: Bob twitter: bobbob uid: AEvO…T3hG birth: 1992/06/14 mail: bob@example uid: AEvO…T3hG Ϣʔβࣗ਎ͷΈ ࢀরɺߋ৽Մೳ user001

20. 20

21. Firebase͸ʮϩοΫʯʹ࢖͓͏ʂ 21 Firestore

22. Firebase Japan User GroupͷΠϕϯτ 2/6 Firebase Meetup #10 @mercari -GDEͷ2ਓ͕TestLabͱFirestoreʹ͍ͭͯޠΓ·͢ʂ

    2/18 Firebase Meetup #11 @navitime 22 ࠂ஌ https://firebase-community.connpass.com དྷ݄͸̎ճ։࠵ʂੋඇ༡ͼʹདྷ͍ͯͩ͘͞ʂ

23. ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂʂ