I have a Firebase project that users share some content with consists of media and text. For Facebook to handle links properly shared content must have a pre-populated page (dynamically created on the server-side, not on the client with Firebase JS API).
So, I have decided to use Google App Engine (GAE) to serve these content as an URL like somedomain.com/?content=hfe84gfjy45xs
var admin = require("firebase-admin");
// Fetch the service account key JSON file contents
var serviceAccount = require("path/to/serviceAccountKey.json");
// Initialize the app with a null auth variable, limiting the server's access
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: "https://databaseName.firebaseio.com",
databaseAuthVariableOverride: null
});
Is it safe to put path/to/serviceAccountKey.json
file in project folder?
Do i have to put the file to a Google Cloud Storage instance?
Thanks in advance.
express-firebase has a good example of accomplishing this.
Add your serviceAccountKey.json
to your project BUT reference that file path in your .gitignore
so it is not checked into source control.
Create a .env variable that is the path to your serviceAccountKey.json
as so:
FIREBASE_SERVICE_ACCOUNT_KEY_PATH=./service-account-key.json
See dotenv for loading environments variables in JS apps.
From there, you can simply reference your service account file like so and pass it to the cert
function:
const serviceAccount = require(process.env.FIREBASE_SERVICE_ACCOUNT_KEY_PATH);
admin.credential.cert(serviceAccount)