Is it possible to setup a Firebase cloud function that serves a file from a Firebase cloud storage bucket to avoid using the long firebasestorage.googleapis.com link
Yes, that is possible. In that case you can even go without download URLs, since in Cloud Functions you'll have administrative access to all files in your Cloud Storage bucket anyway.
Related
Is there a way to allow only a firebase function to upload files to firebase storage without authentication?
If you upload to files to Storage in Cloud Functions for Firebase, you are using the Node.js SDK for Cloud Storage and your code accesses Storage with elevated privileges. This SDK does not follow Firebase's security rules for your Storage bucket, so it can upload files no matter what rules you set.
So if you use this rule:
allow write: if false;
Your Cloud Functions will be able to upload files, but nobody using a client-side SDK in your app will be able to.
I'm trying to implement a system that allows react-native clients to upload files to a specific folder in Cloud Storage and allows clients to download from them. I can't do this directly from the client because I first need to query Firestore to validate that the user is 'friends' with the owner of the folder which will allow for read/write permissions.
I decided to use Cloud Functions as a middle layer to encapsulate this business logic and I expected to also be able to use it as a middle layer to upload the files. However, I feel like I may be misunderstanding how to best use these services together to solve this problem.
Current Plan:
Client uploads file to Cloud Function (assuming they are permitted after Cloud Function queries Firestore and validates)
Cloud Function uploads file to Cloud Storage
Client can then request file from Cloud Function, which validates permissions using Firestore and downloads file from CloudStorage
Cloud Function sends file to client
Questions:
Can/Should I use Cloud Functions in this way as a middle layer to upload files after validating permissions store in Firestore?
Is there an alternative solution using firebase that would mitigate the 10MB download limit with Cloud Functions but still allow me to authenticate uploads/downloads to and from Cloud Storage using my custom business logic on relationships in Firestore?
Any help or guidance here is appreciated! I'm very new to firebase, cloud architecture, and architecture in general.
This is definitely a valid and technically feasible approach. Whether you should do it, only you can determine of course.
An alternative is to use Firebase Storage's security rules to enforce the access control on the files. But you won't be able to read anything from Firestore in those rules, so you'll have to ensure everything needed to grant/deny access is in the path of the requested file, in the file's metadata, and/or in the user's token.
Even if you implement the download of files in Cloud Functions, you can still perform uploads through Firebase. You could in that case for example have the user write to a temporary location, which then triggers a Cloud Function that can do whatever additional checks you want on the file.
I deployed a cloud function in firebase but instead of using a local emulator for testing purposes, I redeployed it several times to debug and test. After this, I see that my usage in the cloud storage in firebase is upwards of 500 MB although I have not stored any files in the Cloud Storage. Is this due to the multiple redeployments of the function? If yes, will deleting the cloud function free up this space or is there another way.
Thanks.
Yes, deploying a Cloud Function will take up more space in Cloud Storage. There is a dedicated storage bucket for the build of the server images that get deployed. You can see this for yourself in the Google Cloud Console for your project. You can manually delete the content if you don't want to pay for the storage.
I don't think that deleting the function will also delete the storage, but you can try that for yourself and observe if it works the way you expect.
See also:
How to delete outdated Firebase Cloud function containers from GC Storage?
will Cloud Function affect Firebase Storage bandwidth usage?
I need to upload files to Firebase Cloud Storage with REST api; I read that Firebase doesn't provide them but Google Cloud Storage does. I need that a firebase cloud function will be triggered on uploads. I know that Firebase is backed by GCS, so I'll use it, but I didn't find if upload on GCS will trigger a Firebase Cloud function too. Does anybody know anything?
Since nobody answered me, I tried and the result is: yes, Firebase function is triggered even if I use GCS rest api to upload on bucket.
I'm new to firebase cloud storage. Quick question: Are firebase cloud-storage read rules meant to apply to SDK read access, or http (get) URL access (via the URL returned by the SDK after a write), or both?
May have followup questions depending on how this question is answered.
Thanks.
The Firebase security rules for Cloud Storage apply to users accessing Cloud Storage through the Firebase SDK.
The rules do not apply to users accessing Cloud Storage through a download URL, which is an unguessable URL that provides read-only access to files.
The rules also do not apply to users accessing Cloud Storage through one of the native Cloud Storage SDKs, which run with administrative permissions and are typically only run on app servers or otherwise trusted environments.