I am currently working on a project and I am using firebase for the back-end part and I have the following questions:
I'm not very familiar with firebase but from what I know about authentication:
I wrote those answers based on my studies and past experiences. But the authentication subject is vast and there's a lot of debate. I suggest some research on the topic so you get more acquainted with the various aspects of the security of it.
Your React
application is a client application, the place where password
checking is made is in the firebase backend
that you don't control.
The onChange event listener
is just there to help you grab what the user is typing in the password field
so that you can send some data in the server(firbase)
.The local state that you use for that is not a persistant storage
like localstorage
,it just a variable that only your client application can access in your browser.So there is not security issue.When you reload your page the values will no longer exist in the variable.
Where it's important to consider to protect your password is:
https
so that your password
field doesn't be sent in clear
to the server.backend application
.So as you're using database, you don't have to worry for that. Summary:
localstorage
, cookies
,etc..The only thing that it does it to keep the value until your make an http request to send it into the serverwith SSL/TLS
in client server communicationI hope it helped.
Notice: English is not my first langage,so i may have written with some mistakes
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.