I'm building an app that allows users to upload pictures and videos to Google Firebase Storage through an Android application. But I was thinking about an attacking scenario when an attacker tries to upload executable files or extremely heavy files (says 1 TB). To prevent that, I think I will let the client-side upload the file through Cloud Function instead (so we can verify the file before saving it). But if I solve the problem that way, then it will be very inefficient because we need to send the whole file's data to the cloud function.
So, should we allow users to upload file directly to the storage. And if yes, how can we prevent such attacking scenario (and similar ones)