Would this backend technology combination work well? (Kotlin, Ktor, Exposed, GCP, Firebase Auth, App Check)

Zack_88Surf · June 17, 2025, 10:30am

I’m working on an Android app and want to build a custom backend with a database and Firebase authentication. My app will be like a cooking application that stores recipe data. Here’s what the data structure might look like:

{
    "title": "Chocolate Cake",
    "components": [
        {
            "item": "Flour",
            "quantity": 200,
            "measurement": "ml"
        }
    ]
}

I need full text search functionality to find recipes by their titles. I know Kotlin well and have good SQL knowledge.

My planned technology stack:

Ktor for the backend framework
Exposed as the ORM layer
MySQL for the database

Cloud infrastructure:

Google Cloud API Gateway
Google Cloud Run for hosting
Google Cloud SQL with MySQL

I’m experienced with Android development but new to backend work, so I don’t want to build authentication from scratch. Since my app already uses Firebase Auth, I’m planning to use OpenAPI 2.0 security in API Gateway to protect against unauthorized users. I also want to add Firebase App Check with JWT authentication in API Gateway to prevent unauthorized client access.

Does this approach make sense? Am I overlooking anything important?

WhisperingWind · June 27, 2025, 10:13am

Your stack looks great for a cooking app, especially since you already know Kotlin. I’ve used Ktor + Exposed + MySQL before and they work well together. But I’d swap MySQL for PostgreSQL - its full-text search is way better than MySQL’s, so you won’t need extra search tools later. Cloud Run will scale fine for recipe app traffic. Pro tip: set up connection pooling in Exposed right away. Cloud Run’s container restarts can mess with database connections if you don’t handle it properly. Firebase Auth through API Gateway is pretty straightforward, just test JWT validation thoroughly under different network conditions. Watch your Cloud SQL costs though - managed databases get pricey as your data grows.

Alex_Dynamo · June 26, 2025, 4:02am

this setup looks solid. Cloud Run cold starts might hurt user experience tho. Exposed can get verbose compared to other ORMs, but u know SQL well so you’ll be fine. Just make sure ur handling Firebase token refresh properly on the client side - I’ve seen apps crash when tokens expire without warning.