- Assuming you use Firestore Assuming you use Firestore
- Basic Design Rule Basic Design Rule
- Design your documents for display Design your documents for display
- Firestore is slow to load Firestore is slow to load
- Firebase Client and Firebase Admin SDK Firebase Client and Firebase Admin SDK
- Using Security Rule to control browsing permissions Using Security Rule to control browsing permissions
In this article, I will introduce the basic design concept of Document DB in Firebase / Firestore.
I'm still learning Firebase and don't know enough about it, so there may be some mistakes. I am also revising the description as I gain more experience in the near feature.
Assuming you use Firestore
Firestore is a NoSQL (Document Database). When designing, please be aware of Firestore and NoSQL implementation rules and security concepts.
Basic Design Rule
Design your documents for display
In the case of a document DB, try to pack the object with the data needed for display. Design your document fields so that you can get the data you need for display in a single fetch.
Firestore is slow to load
Firestore is a distributed document DB, so it is slow to load and takes a long time. It also charges a fee based on the number of times it is loaded.
With this in mind, please implement your code in such a way as to minimize the number of times it is loaded.
Also, take advantage of Static Site Generation (SSG) and Incremental Static Regeneration (ISR) in Next.js and implement them so that the slow loading of Firestore does not affect the user experience.
Firebase Client and Firebase Admin SDK
We will use Firebase SDK for Client and Firebase Admin SDK for API.
- Firebase Client: https://firebase.google.com/docs/firestore/client/libraries
- Firebase Admin SDK: https://firebase.google.com/docs/admin/setup
Documents that you want to restrict who can see should be designed so that they can only be retrieved by FirebaseAdmin.
The Client should only be able to access data that anyone can see.
Use the Firebase Admin SDK on the API side to manipulate data that you want to restrict who can see, or data that only some people are allowed to update.
As an exception, data that can only be updated by the Client user can be updated by the Client using the Security Rule described below.
Using Security Rule to control browsing permissions
In Firebase, use the Security Rule to control the browsing permissions.
Basically, you should keep separate documents for data that anyone can see and data that you want to restrict who can see.