add env:
set -o allexport
source .env
set +o allexporttodo: doc authentication design
sensitive data:
FIREBASE_CREDENTIALS_BASE64=
CSRF_SECRET=
FIREBASE_INSENSITIVE_API_KEY=
FIREBASE_AUTH_DOMAIN=
GCP_PROJECT_NAME=
GCP_PROJECT_ID=
GCP_WIF_POOL_ID=
GCP_WIF_POOL_PROVIDER_ID=
IMPERSONATE_STORAGE_SERVICE_ACCOUNT=
GCS_BUCKET=
GCS_STORAGE_RO_SERVICE_ACCOUNT_KEY_BASE64=