I have an application in php that consumes the api of the firebase service account. I use the credential.json file provided by firebase.
I wonder how I can protect this file from improper access? The code below is from the class that makes the service available. The credential is in the same folder.
namespace App\Services\Google\Firebase;
use Kreait\Firebase\Factory; use Kreait\Firebase\ServiceAccount;
class FirebaseService {
public $database;
public $firebase;
public function __construct() {
// This assumes that you have placed the Firebase credentials in the same
directory
// as this PHP file.
$serviceAccount = ServiceAccount::fromJsonFile(__DIR__ . '/credencial.json');
$this->firebase = (new Factory)
->withServiceAccount($serviceAccount)
// The following line is optional if the project id in your credentials file
// is identical to the subdomain of your Firebase project. If you need it,
// make sure to replace the URL with the URL of your project.
->withDatabaseUri('url...')
->create();
$this->database = $this->firebase->getDatabase();
}
}