So I’m planning on implementing a queued function call using Firebase RTDB and Cloud Functions.
The plan being for a user to write arguments to a Firebase location (via my app), and have the cloud function call the function via the Particle API when the device comes online after a sleep cycle (it publishes an “alive” event).
I think this should be relatively easy to implement but I’m wondering if anyone has any security tips for ensuring only appropriate/valid users are able to call functions on any particular device? Like perhaps a private key system? This is as much to protect against bugs as it is against actual nefarious intent.
EDIT: I should add that only authenticated users can write to the DB, and furthermore that this is more of a firebase question than a Particle one… hopefully that’s okay with the community!