Server side submission process for maximum security

The simplest way to upload files to a server is by allowing the database to be publicly writeable, and have the client send files as needed. However, this is not a safe method, since there is no way to enfore security. Any data can be uploaded at any time.

With a client side submission process, if a user can upload a file, then a malicious user can as well. This is why Print Submit uses a server side submission process.

The basic process behind this is to first verify the request, then send a temporary storage key to the user which can be used to upload files. This allows for the database and storage and be locked, which provides security against attacks and malicious users.

Secure storage for Gmail access credentials

Since the email account which is authorized to send emails i'snt necessarily the account used to register with Print Submit, the credentials must be kept seperately. In order to store the credentials, they are stored in a secure database document which cannot be written to or read from by the client, which allows for maxium security. This means that the only way to store them is to use a server side Cloud Function.

By only using the server to read and write from the document which stores credentials, it allows the credentials to be kept secure and prevent any unauthorized users from accessing them.