Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Firestore limit reads and writes per hour or per day to prevent user setting a timer in the inspector

I am learning Firebase and I might use it in production. I can not find how to prevent a logged in user to edit javascript code and trigger thousands of reads per day automatically and that I will have to pay for. As far as I know, any user who would like to increase my firebase bill could set a timer by editing javascript code and read and write every 4 seconds where he can in the firestore database. How can you prevent a user read rate per day or hour?

like image 763
jwtrees Avatar asked Nov 16 '19 21:11

jwtrees


1 Answers

There is no way to set a read limit on Cloud Firestore.

You can implement a write limit in security rules as shown in this answer: How do I implement a write rate limit in Cloud Firestore security rules?. Alternatively you can pass all writes through Cloud Functions, where you can control the rate through your own code.

If you've set your security rules to limit users to the minimum data they need to be able to access, and think you're being abused, reach out to Firebase support for personalized help in troubleshooting.

like image 131
Frank van Puffelen Avatar answered Sep 21 '22 09:09

Frank van Puffelen