1

Im using Real-Time database to storage my users Profiles.

Each of the profiles can contain multiple rooms, where each of them contain their own picture creating a quite complex structure.

Here an example: enter image description here

To make it easier to store the pictures to the corresponding profile, and room I am changing my pictures Bitmap in android to a String before I parse the object into the Database, and then when I get the object back I transform the String back to the Bitmap.

I was just wondering if this comes with any down cost in the future. Or if this implementation is safe where we put more data in the databases.

Improve this question
2
  • This is verging on asking for opinion-based answers. Commented Apr 16, 2019 at 8:40
  • That is a weird way of storing the pictures into the database. This will also increase the overhead as first, the image has to be converted into the bitmap. I would suggest to go with the storage option and store the URL of images into your database. Commented Apr 16, 2019 at 8:50

2 Answers 2

Reset to default
5

With your current database structure as-is, you will run into problems.

With the Realtime Database and this structure, everytime you request "user/SOME_ID", you will download all of the data below it - including your serialized images. Consult the database structure guide for information on how to flatten your data out so this doesn't occur.

Furthermore, I would recommend making use of Cloud Storage for Firebase to store your images in their native binary format rather than serializing to Base64 taking up ~30% more space. Like the RTDB, storage can be secured with rules if you store the files in structured locations like "user/SOME_ID/roomImages/ROOM_ID/..." or "roomImages/ROOM_ID/..."

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I think that's not safe and bad implementation because u save users data in a third party service even without any encryption rather than storing it in your back-end which you have full control on it. if I was A user for your app I didn't like that but if this app just for testing something there is no problem.

Improve this answer

2 Comments

Well its for a university project, we are supposed to develop a android application (where we do not have to take any security in consideration so far...) I was more worried about performance than security when asking this. Also does the firebase storage bring encryption to the files compared to firebase real-time databases?
#AskFirebase published a video on GDPR and Privacy topics including many useful links to their policies. The RTDB vs. Firestore suggests that Firestore will be easier to use when it comes to geo-fencing your stored data. There's also an extensive talk on Serverless GDPR compliance. Lastly, Riya Sinha has an article on using client-side encryption with Firebase.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.