Managing firebase user collection and best practice

0
votes

New to Firebase and having read the documentation I still don't understand a couple of the things. Am building an administrative panel on client-side to manage crud operations on users and the app will not have a sign-up page admin handles the creation and activating users.

My understanding is Firebase does not store user data in "Firestore" the apps collection even if I create a user collection it will not automatically add the {email, displayName, password, phone, emailVerified, disabled} to it instead this data will be stored somewhere else and I can only access it by firebase-admin function.

If this is the case then is best practice would be to create an HTTP function for admin to create users give them roles and some how manually manage unique fields like {email, displayName, phone} and if I need to add more properties to a user I will need to create a profile collection and associate it to a user after creation. so all rules and validation need to be handled in the function what can trigger an error in admin.auth().createUser(newUser) whats best method to handle errors, can I have a global error handler, is there a project with best practices a boilerplate to get an idea on Firebase?

exports.createUser = functions.https.onCall(async (data, context) => {
    if (!context.auth) {
        createError('unauthenticated');
    }

    const roles = data.roles;
    if (!roleIsValid(roles) || !userValid(data)) {
        createError('dataInvalid');
    }

    const id= context.auth.uid;
    const caller = await admin.auth().getUser(id);
    if (!caller.customClaims.admin) {
        createError('notAdmin');
    }

    const newUser = {
        displayName: data.displayName,
        password: data.password,
        email: data.email,
        emailVerified: true,
        disabled: false
    }

   //todo: how to check all users if email, displayName, phone exists before creating user

    const user = await admin.auth().createUser(newUser);
    const userId = user.uid;

    const claims = {};
    roles.foreach(role => claims[role] = true);

    await admin.auth().setCustomUserClaims(userId, claims);
    await admin.firestore().collection("profile").doc(userId).set(data.profile);

    return {message: 'User successfully created.'};
});
1
javascriptfirebasefirebase-authentication

1 Answers

1
votes

Here I mention a general pattern where we're using firebase auth.createUserWithEmailAndPassword() for sign-up. When we create a user with firebase auth it automatically stores the basic information (email, providers, created-at, signed-in, user UID ) in authentication. But here we will maintain a collection in firestore to store the user information with some addition fields (let's say nickname for our app). And, whenever we need to fetch user info, we will fetch from the firestore collection as we will keep it up-to-date for our app.

  1. we create a user by auth.createUserWithEmailAndPassword, we know it'll return a object when the promise will be resolved, that object will contain user containing basic info about the user.

We will define a function that will do some major work:

   createUserProfileDocumentInFirestore(user, additionalData) {
       const snapshot = firestore.doc(`users/${user.id}`).get();
       if (!snapshot.exist) {
           // set the user collection here with additional data
       }
       // it can possibly return the user document from here to show in our app
   }
  1. Upon the completion of 1 we call createUserProfileDocumentInFirestore with user we got in 1 and other additional information.