In this meeting by the State Changers, the primary focus was on the security aspects of their application development, specifically via Firebase and FlutterFlow. One of the State Changers, Camille, explained their approach towards user authorisation and sought advice on the necessity and implementation of 'kids' (key IDs) for adding an extra layer of security.
Within their current set up, using Firebase ID for login in the FlutterFlow environment, Camille outlined that once a user is verified, a token and expiration time are created. Concerns of potential security loopholes were discussed, given that it was theoretically possible for unauthorised individuals to access user data by simply knowing a correct ID. This led to a detailed conversation on the importance and potential implementation of key IDs ('kids'), which provides a method to verify the authenticity of a Firebase token and thus adds a security layer to data access. The discussion concluded with advice for Camille to review previous videos where this mechanism was discussed in depth, and to bring up any issues or concerns that they might have with understanding or implementing it on the platform, for further deliberation. The process may not be overly lengthy, but a comprehensive understanding of it is fundamental for ensuring application security.
(Source: Office Hours 8/25/2023 )
