Firebase server files — upload to production (cPanel)

Upload these files to your hosting document root, preserving paths:

  api/firebase-service-account.local.json
  api/firebase-admin-bootstrap.local.php
  super-admin-panel/api/firebase-service-account.local.json
  super-admin-panel/api/firebase-admin-bootstrap.local.php

After upload (Linux/cPanel):
  chmod 600 api/firebase-service-account.local.json
  chmod 600 super-admin-panel/api/firebase-service-account.local.json
  chmod 644 api/firebase-admin-bootstrap.local.php
  chmod 644 super-admin-panel/api/firebase-admin-bootstrap.local.php

Smoke test on server (SSH or cPanel Terminal):
  cd public_html/api
  php firebase-smoke-test.php

  (Or one-liner:)
  php -r "require_once 'firebase-rtdb-admin.php'; \$b=include 'firebase-admin-bootstrap.local.php'; \$t=firebase_service_account_access_token(\$b['service_account_json_path']); echo isset(\$t['access_token'])?'OK':'ERR';"

Expect: OK

Local prep (Windows, from repo root):
  .\scripts\firebase-go-live.ps1
  .\scripts\prepare-production-upload.ps1

Firebase Console (arafstore-14938):
  1. Realtime Database enabled (US): https://arafstore-14938-default-rtdb.firebaseio.com
  2. Authentication → Email/Password enabled
  3. Authorized domains: your production domain + localhost (dev)
  4. RTDB Rules: paste repo database.rules.json → Publish (see FIREBASE_RULES_DEPLOY.md)

Security: This key was shared via chat. After go-live, rotate:
  See FIREBASE_KEY_ROTATION.md in repo root.
