Elye, thanks for bringing attention to this security risk. The simplest architecture pattern is to have separate Firebase projects for staging/qa and production/release environments.

The Android client can initialize the corresponding Firebase authentication based on the Build environments in Gradle. Then, testing new changes to the server, database, remote config, and etc can be fully rolled out on the testing Firebase project first.

--

--

--

Open Sourcer

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Adam Hurwitz

Adam Hurwitz

Open Sourcer

More from Medium

Hello Spring, Goodbye Easter!?

UI Design (Case Study)

Djibouti: Spicy Lamb Stew from the Horn of Africa

Lake Abbe in Djibouti

CS371p Spring 2022: Apr 4-Apr 10