Alex Klibisz

My Firebase Wish List

Alex Klibisz, 2/12/2016

I’ve recently been developing StudyLoop, primarily using as the datastore. I’m generally extremely happy with the product and the speed with which it has allowed us to develop our platform for iOS and Web. Here are a few things items that I’ve found missing for Firebase while developing — a wishlist so to speak.

An API for linking standard Firebase password/email accounts to social media accounts.

Right now an accepted solution is to use a high level mapping (SO question). For example, the user’s Facebook ID would map to the user’s standard account ID. The problem here is that this makes writing security rules very difficult, and almost impossible if you’re not using one of the the rules compilers (Blaze and Bolt).

An API for deleting Firebase password/email accounts.

This one might be controversial. In our case, we run integration tests with a new “test” user at each test run. This makes for a very messy users list on our staging Firebase.

Backups for users below the $150 Bonfire plan.

There are serious projects out there that still can’t justify the Bonfire plan. For the time-being, I hacked together an alternative and called it Firebak.

Rules to enforce unique values for specific object properties.

Again, this can be enforced using a mapping, but the rules can get very nasty. For example, email addresses can contain many of the forbidden Firebase key characters ([, ], #, etc.). Here is how we use the blaze compiler to verify that a user has a unique email address:

# user-mapping will contain email addresses as keys and the corresponding user id as the value
 # this checks that key/val to make sure that a user with this email doesn’t already exist,
 # or that the user is the currently logged in user. The email has to be sanitized, hence the
 # stupid long replace chain. I apologize for doing this.
 — isUniqueEmail(email): (root[‘user-mapping’][(email.val().replace(‘.’, ‘%1%’).replace(‘#’, ‘%2%’).replace(‘$’, ‘%3%’).replace(‘[‘, ‘%4%’).replace(‘]’, ‘%5%’))] === null) || (root[‘user-mapping’][email.val().replace(‘.’, ‘%1%’).replace(‘#’, ‘%2%’).replace(‘$’, ‘%3%’).replace(‘[‘, ‘%4%’).replace(‘]’, ‘%5%’)].userId === auth.uid)

Built-in email verification.

This is pretty much an expected thing for user-management systems these days, and it can be tedious to build with Firebase. In fact, it was not possible for our app without incorporating our own server-side code.

Related Posts