Abstract image of a woman sitting on books and studying on a laptop

Chat Done Right

A
Adrian Bunge

The document discusses the development of a chat application using Android and Firebase, focusing on functionalities like authentication, messaging, and notifications. It emphasizes the use of Firebase's realtime database and cloud functions to enhance security and streamline data management. Key takeaways include the effectiveness of cloud functions in offloading logic from the client and managing user permissions securely.

Technology
Related topics:
Node.js Development
1 of 26
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
Chat Done Right! With Android & Firebase
How is this going to work? This is NOT a lecture… ‣ Interactive discussion ‣ There is no “questions” slide
Our Tools Android Kotlin Firebase Realtime Database Cloud Functions Database Rules
What we’re building A chat app (surprise) that needs: 1. Authentication 2. Users 3. To send messages 4. To show active chats 5. A contact list 6. Send notifications 7. Group management
Why Firebase? Realtime Database Serverless Cloud Functions Seamless Synchronisation Realtime Notifications Native SDKs
Our Tools Android Kotlin Firebase Realtime Database Cloud Functions Database Rules
Write directly to DB from Android ๏ CRUD - You can do just about anything from the client ๏ Persistence and caching to writes to DB ๏ Super super fast ๏ But the are somethings better done with a Cloud Function
Database Rules Insecure rules (public access) Default rules (read/write if authorised)
All Messages chat_id_1 chat_id_2 message_id_1 message_id_2 message_id_3 message_id_4
All Chat Previews user_uid_1 user_uid_2 chat_id_1 chat_id_2
All Chat Previews user_uid_1 user_uid_2 chat_id_1 chat_id_2 But how do we know which chat previews to update when a message is sent?
Chat Done Right
Chat Done Right
But wait, there is! ๏ Unnecessary logic on client apps ๏ Direct write access to DB ๏ Security rules management easily becomes a nightmare
Introducing Cloud Functions ๏ Conditional triggering & throttling ‣ On node changes (has auth object) ‣ Client SDK callable (has auth object) ‣ HTTP Request ๏ Central & Secure ๏ Node.js ๏ Logging ๏ Admin rights on all operations
Chat Done Right
Calling a function Cloud FunctionAndroid App https://tinyurl.com/chitchatCloud https://tinyurl.com/chitchatAndroid
Chat Done Right
Chat Done Right: Using Cloud Functions Trigger onWriteSend message payload onSendMessage Function Realtime DatabaseAndroid App User 1
Why the direct write ๏ Caches the write (local state management) ๏ Avoid response delay But! ๏ Write access risks Solution Only allow message creates (not updates) for chats that an authorised user is part of.
Remember these Insecure rules (public access) Default rules (read/write if authorised)
Database Rules Adding security: Taking it up a notch
Trigger onWriteSend message payload onSendMessage Function Realtime DatabaseAndroid App User 1
Using Cloud Functions for Chat onSendMessage Function Chat Members Node Fetch Chat Member IDs Write to each Chat Preview Chat Preview Node
Using Cloud Functions for Chat Android Apps User 1 User 2 User 3 All user Chat previews Updated Chat Preview Node Notifications sent
Take Homes •Cloud functions takes logic off the client • This avoids repetition between the platforms • Easier to think about security • If you can use a Cloud Function do it •Writing directly to DB from client • Firebase handles the persistence • Caches writes & reads wisani@nona.digital adrian@nona.digital https://tinyurl.com/chitchatCloud https://tinyurl.com/chitchatAndroid

More Related Content

PDF
OneLogin qpstudy_20160716
慶 宮澤
 
PDF
Function of OneLogin
慶 宮澤
 
PPTX
Microservices in GO lang
SHAKIL AKHTAR
 
PDF
Javantura v4 - True RESTful Java Web Services with JSON API and Katharsis - M...
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
PDF
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
NCCOMMS
 
PPTX
.NET Fest 2017. Денис Резник. Исполнение Запроса в SQL Server. Ожидание - Реа...
NETFest
 
PPTX
Timings API: Performance Assertion during the functional testing
PetrosPlakogiannis
 
PPTX
.NET Fest 2017. Андрей Антиликаторов. Проектирование и разработка приложений ...
NETFest
 
OneLogin qpstudy_20160716
慶 宮澤
 
Function of OneLogin
慶 宮澤
 
Microservices in GO lang
SHAKIL AKHTAR
 
Javantura v4 - True RESTful Java Web Services with JSON API and Katharsis - M...
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
NCCOMMS
 
.NET Fest 2017. Денис Резник. Исполнение Запроса в SQL Server. Ожидание - Реа...
NETFest
 
Timings API: Performance Assertion during the functional testing
PetrosPlakogiannis
 
.NET Fest 2017. Андрей Антиликаторов. Проектирование и разработка приложений ...
NETFest
 

What's hot (20)

PDF
London Non-Profit Spring 22 Salesforce Release
Keir Bowden
 
PDF
Microservices: a journey of an eternal improvement
Anton Udovychenko
 
PDF
London Salesforce Developer January 2022
Keir Bowden
 
PDF
70-534: ARCHITECTING MICROSOFT AZURE SOLUTIONS
DotNetCampus
 
PPTX
Rest api with node js and express
GirlsInTechnology Nepal
 
PDF
Microservice Secrets
Justin Hart
 
PDF
What’s new in WSO2 Enterprise Integrator 6.6
WSO2
 
PPTX
MongoDB World 2018: Evolving your Data Access with MongoDB Stitch
MongoDB
 
PPTX
Code Generation for Azure with .net
Marco Parenzan
 
PDF
Javantura v4 - Test-driven documentation with Spring REST Docs - Danijel Mitar
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
PDF
Introduction to Firebase on Android
amsanjeev
 
PPTX
API Versioning in the Cloud
Cloud Elements
 
PDF
Design Microservice Architectures the Right Way
Michael Bryzek
 
PPTX
Serverless Computing With Azure Functions
Jaliya Udagedara
 
PPTX
Progressive Web Application - Advanced Topics
Hiren Dave
 
PPTX
Architecture in real
Michael Chen
 
PDF
Production - Designing for Testability
Michael Bryzek
 
PDF
O365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
NCCOMMS
 
PDF
Mobile Authentication for iOS Applications - Stormpath 101
Stormpath
 
PPTX
Progressive Web Apps
Yatendrasinh Joddha
 
London Non-Profit Spring 22 Salesforce Release
Keir Bowden
 
Microservices: a journey of an eternal improvement
Anton Udovychenko
 
London Salesforce Developer January 2022
Keir Bowden
 
70-534: ARCHITECTING MICROSOFT AZURE SOLUTIONS
DotNetCampus
 
Rest api with node js and express
GirlsInTechnology Nepal
 
Microservice Secrets
Justin Hart
 
What’s new in WSO2 Enterprise Integrator 6.6
WSO2
 
MongoDB World 2018: Evolving your Data Access with MongoDB Stitch
MongoDB
 
Code Generation for Azure with .net
Marco Parenzan
 
Javantura v4 - Test-driven documentation with Spring REST Docs - Danijel Mitar
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
Introduction to Firebase on Android
amsanjeev
 
API Versioning in the Cloud
Cloud Elements
 
Design Microservice Architectures the Right Way
Michael Bryzek
 
Serverless Computing With Azure Functions
Jaliya Udagedara
 
Progressive Web Application - Advanced Topics
Hiren Dave
 
Architecture in real
Michael Chen
 
Production - Designing for Testability
Michael Bryzek
 
O365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
NCCOMMS
 
Mobile Authentication for iOS Applications - Stormpath 101
Stormpath
 
Progressive Web Apps
Yatendrasinh Joddha
 
Ad

Similar to Chat Done Right (20)

POTX
devworkshop-10_28_1015-amazon-conference-presentation
Alex Wu
 
PDF
Serverless Design Patterns (London Dev Community)
Yan Cui
 
PPS
Getting Started With Android Application Development [IndicThreads Mobile Ap...
IndicThreads
 
PPT
CFInterop
webuploader
 
PPTX
Android Whats running in background
Naval Kishore Barthwal
 
PDF
Serverless Design Patterns
Yan Cui
 
PPTX
MongoDB World 2018: Ch-Ch-Ch-Ch-Changes: Taking Your Stitch Application to th...
MongoDB
 
PDF
Andy Malone - The new office 365 for it pro's
Nordic Infrastructure Conference
 
PDF
NoSQLEU: Different NoSQL tools in Production
Bit Zesty
 
PDF
Serveless design patterns
Yan Cui
 
PPTX
Why And When Should We Consider Stream Processing In Our Solutions Teqnation ...
Soroosh Khodami
 
PDF
Office 365 introduction and technical overview
Motty Ben Atia
 
PPTX
Develop Hybrid Mobile Application with Azure Mobile Services and Telerik Plat...
Abhishek Kant
 
PPTX
Meet with Meteor
Tahmina Khatoon
 
PPTX
Internet of Things and Edge Compute at Chick-fil-A
Brian Chambers
 
PDF
Behat internals for advanced usage. Symfony Camp 2016
Sergey Polischook
 
PPTX
The dev ops code has no servers
Ed Anderson
 
PPTX
Cloud Native 오픈소스 서비스 소개 및 Serverless로 실제 게임 개발하기
Jinwoong Kim
 
PDF
"Micro-frontends from A to Z. How and Why we use Micro-frontends in Namecheap...
Fwdays
 
PPTX
Top Java Performance Problems and Metrics To Check in Your Pipeline
Andreas Grabner
 
devworkshop-10_28_1015-amazon-conference-presentation
Alex Wu
 
Serverless Design Patterns (London Dev Community)
Yan Cui
 
Getting Started With Android Application Development [IndicThreads Mobile Ap...
IndicThreads
 
CFInterop
webuploader
 
Android Whats running in background
Naval Kishore Barthwal
 
Serverless Design Patterns
Yan Cui
 
MongoDB World 2018: Ch-Ch-Ch-Ch-Changes: Taking Your Stitch Application to th...
MongoDB
 
Andy Malone - The new office 365 for it pro's
Nordic Infrastructure Conference
 
NoSQLEU: Different NoSQL tools in Production
Bit Zesty
 
Serveless design patterns
Yan Cui
 
Why And When Should We Consider Stream Processing In Our Solutions Teqnation ...
Soroosh Khodami
 
Office 365 introduction and technical overview
Motty Ben Atia
 
Develop Hybrid Mobile Application with Azure Mobile Services and Telerik Plat...
Abhishek Kant
 
Meet with Meteor
Tahmina Khatoon
 
Internet of Things and Edge Compute at Chick-fil-A
Brian Chambers
 
Behat internals for advanced usage. Symfony Camp 2016
Sergey Polischook
 
The dev ops code has no servers
Ed Anderson
 
Cloud Native 오픈소스 서비스 소개 및 Serverless로 실제 게임 개발하기
Jinwoong Kim
 
"Micro-frontends from A to Z. How and Why we use Micro-frontends in Namecheap...
Fwdays
 
Top Java Performance Problems and Metrics To Check in Your Pipeline
Andreas Grabner
 
Ad

Recently uploaded (20)

PDF
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
PPTX
Custom Battery Pack Design Considerations for Performance and Safety
Epec Engineered Technologies
 
PDF
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
OpenACC and Open Hackathons Monthly Highlights July 2025
OpenACC
 
PDF
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
PPTX
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
ClarisejaneSartillo1
 
PPT
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
PDF
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
PPTX
2018-HIPAA-Renewal-Training for executives
Mayank Mathur
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PPTX
Configure Apache Mutual Authentication
Antonino Piraino
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
Consumable AI The What, Why & How for Small Teams.pdf
Vivek Sai
 
PDF
A proposed approach for plagiarism detection in Myanmar Unicode text
IAESIJAI
 
PPTX
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
PDF
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
PDF
Enhancing plagiarism detection using data pre-processing and machine learning...
IAESIJAI
 
DOCX
search engine optimization ppt fir known well about this
StandardCodeLearning
 
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
Custom Battery Pack Design Considerations for Performance and Safety
Epec Engineered Technologies
 
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
Modernising the Digital Integration Hub
Daniel Toomey
 
OpenACC and Open Hackathons Monthly Highlights July 2025
OpenACC
 
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
ClarisejaneSartillo1
 
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
2018-HIPAA-Renewal-Training for executives
Mayank Mathur
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
Configure Apache Mutual Authentication
Antonino Piraino
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
Consumable AI The What, Why & How for Small Teams.pdf
Vivek Sai
 
A proposed approach for plagiarism detection in Myanmar Unicode text
IAESIJAI
 
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
Chapter 5: Probability Theory and Statistics
RandyFin
 
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
Enhancing plagiarism detection using data pre-processing and machine learning...
IAESIJAI
 
search engine optimization ppt fir known well about this
StandardCodeLearning
 

Chat Done Right