Building an app with secure database requests?

Hello !

I have built websites for some times and just getting started with building applications with Ionic. I would like to build an App that is also accesible from a domain name with auths and database requests.

My question is : How do I go about it ? I was thinking about building the web part using PHP and JS and implement an API with JWT that the actual application can make requests to access datas from the database. Does that make sense and is it possible ? I see most people use NodeJS for application auth etc, but can we use it for other database related stuff too?

I would recommend considering Firebase for authentication, database and server side code (cloud functions). It works really well with angular and is really well documented.

I read a bit about Firebase, would it be as secure as using PHP ?

Firebase is developed and maintained by Google, you’re in good hands.
For authentication I would say it will be at least as secure as your own pre-built system. Database rules take care of database integrity, so provided you set those correctly I wouldn’t be worrying about security. Firebase functions is having your server code running on Google servers.

I’ll read more on that. Like my biggest worry right now is what stops someone from reading my Auth keys for firebase or unpacking my app codes and doing whatever they want with my database ?

Yea you need to read more about how it all works together. Thousands of people wouldn’t use this stack if it had flaws like that.