Skip to content

sapanparikh18/picturestream

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Firepano

A simple client-side photo sharing site.

How does it work?

The security model of this simple photo sharing app is predicated on having locations being unguessable. We construct paths into Firebase using a hash of the file being uploaded. Then, anyone that has access to the share-able link can then lookup the location in Firebase and view its contents.

A simple rule set is required to make sure none of the keys are enumerable from Firebase. This prevents retrieval of the keys from any of the Firebase clients, including REST endpoints. We also add a write rule to the photos so that once the data has been written, no one can override or delete data that already exists. The rules for this application are in rules.json.

Exercises for the reader

  1. Add a chat/comment system to each photo.
  2. Support logging in with Facebook/Twitter to manage photos: edits, removals, etc.
  3. Add metadata to indicate public/private photos.
  4. Add a realtime feed of newly uploaded photos.

License

MIT, except sha256.js.

sha256.js is part of CryptoJS which is distributed under the terms of this license (BSD 3-clause).

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published