canmustu
canmustu

Reputation: 2659

CONFIG Problem for Firebase Authentication In IONIC (Angular) Project

I made an IONIC project which can be authenticated with Facebook and Google and i put config file(in the picture) in the app.module.ts

Firebase Config For IONIC Angular

Is app.module.ts only seen by the developer?

Upvotes: 0

Views: 390

Answers (2)

SiddAjmera
SiddAjmera

Reputation: 39482

If you follow the Installation and Setup guide for @angular/fire, they keep it in the /src/environments/environment.ts. I'm not sure if that's the recommended place to keep any front-end configurations in the App.

People have mixed opinions about it. You might want to read through this answer to know more.

I think making an API call would make it more prone to sniff and hack. Someone could see your Network Requests and get a hold of the response payload for that matter.

UPDATE:

No, it's NOT SAFE to keep Firebase Config in environment.ts or environment.prod.ts.

As of now, AngularCLI only minifies the code. If you open up Devtools on your Browser, select main.hash-code-for-the-bundle.js and pretty print it, and then try to find by something like messagingSenderId, you'll be able to see it.

enter image description here

NOTE: This is a real production app.

Upvotes: 1

Ronnie Smith
Ronnie Smith

Reputation: 18585

This can all be made public (client-side). This is intended for client configurations. If you look under the web section in the Firebase console you'll see that they tell developers to paste that in their client-side (JavaScript SDK) code.

Upvotes: 2

Related Questions