I have been a Firebase user for quite a few years now, since 2016. In that time, I have seen Firebase grow and change as a product. I have also seen the problems people have had with it, as well as the successes.
Googling opinions on Firebase will yield mixed results.
Some are for Firebase and its all-inclusive platform offering features like authentication, a NoSQL database called Firestore, storage, hosting, Firebase Functions (basically AWS Lambda, Google Cloud Functions). Others advise against Firebase because of issues around costs and how the use of resources (reads and writes) are counted.
The biggest upside (and possibly a downside) is that Firebase makes it easy to build applications on it. Perhaps its best feature is Firebase Authentication, allowing you to use the SDK to easily add in a plethora of different authentication options as well as numerous OAuth providers.
The authentication feature alone is a massive selling point of Firebase, it saves you hours (possibly days) of authentication-related headaches, especially for OAuth authentication which in 2020 can still be a painful nightmare to implement.
However, a consideration when using Firebase is that you’re locking yourself into the Firebase ecosystem. At present, Firebase does not make migrating to a different platform or provider easy. If you want to migrate away, you have to write your own migration scripts and handle it yourself.
If you are not careful in how you write your Firestore rules or if you make reads from within the rules themselves, it is possible if you get a lot of traffic to run up a huge bill because you didn’t properly architect your app and optimise reads or writes.
Fortunately, Firebase has billing alerts these days, so nasty surprises should be a thing of the past. I personally have never run into any problems with billing, I don’t think I have ever paid for than a few cents for my Firebase usage, if ever. The free limits are generous. I always spend a lot of time carefully writing my Firestore rules.
I am more than capable as a developer of writing my own simple Node.js backends, but do I trust them? Not really. Firebase gives you a platform, but they also take care of some of the security behind-the-scenes for you as well. You don’t have to worry about XSS attacks or SQL injection attacks, vulnerabilities in servers or backend frameworks.
From a plug and play perspective, Firebase gives you a tonne of stuff as soon as you turn it on. You just have to be careful about having open public databases, never run in test mode and work your way back from there by opening things up through rules.
As for apps, I have a few I’ve done over the years. My most recent Firebase app is Tidyfork, it uses cloud functions as well as authentication to log users into GitHub. The beautiful thing about the client-side SDK is that it even supports scopes for OAuth.
Conclusion
With Firebase, I am of the opinion the good outweighs the bad. Sure, it’s possible it could get expensive for large-scale use and you might need to migrate. However, if you’re a hobby programmer or working on a side-project or startup that has a high chance of failing anyway, Firebase is a safe bet.
You should use Firebase, unless, of course, you don’t want too. And in that case, use something else.
