feat: centralize configuration and secure firebase handling#1492
Open
bhoomiiee wants to merge 1 commit intoomroy07:mainfrom
Open
feat: centralize configuration and secure firebase handling#1492bhoomiiee wants to merge 1 commit intoomroy07:mainfrom
bhoomiiee wants to merge 1 commit intoomroy07:mainfrom
Conversation
|
@bhoomiiee is attempting to deploy a commit to the Om Roy's projects Team on Vercel. A member of the Team first needs to authorize it. |
Thanks for creating a PR for your Issue!
|
Owner
|
Conflict |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
What This PR Implements
-Centralized Backend Configuration
Added /api/firebase-config endpoint in app.py
Firebase configuration is now read securely from environment variables
No sensitive credentials are stored in frontend files
Secure Environment-Based Setup
The following variables are now expected:
FIREBASE_API_KEY
FIREBASE_AUTH_DOMAIN
FIREBASE_PROJECT_ID
FIREBASE_STORAGE_BUCKET
FIREBASE_MESSAGING_SENDER_ID
FIREBASE_APP_ID
FIREBASE_MEASUREMENT_ID
Graceful Degradation
If Firebase variables are not configured, API returns null values
Frontend logs a warning:
"Firebase not configured on server."
Application does not crash
-Frontend Refactor
Removed hardcoded Firebase config from JS
Added dynamic fetch:
fetch('/api/firebase-config')
Firebase now initializes only after config is retrieved
-Testing Performed
Verified /api/firebase-config returns 200
Confirmed null-safe behavior when environment variables are missing
Confirmed no Firebase credentials are exposed in frontend source
Checked Network tab for successful fetch
Verified console warnings are expected and handled
-What Is NOT Included (Future Scope)
Strict runtime schema validation across all modules
Full migration of all modules to shared domain contracts
Production deployment configuration
Actual Firebase production keys (intentionally excluded)
Improves security posture
Prepares system for scaling
Makes configuration environment-agnostic
Enables safer ML/API integrations in future