Brief Insight
Hi, good people.
Currently, I am building an app with Flutter and Firebase. The app’s database structure is like this >>
>>>>
Stores (Collection) -> *uid*(firebase generated uid) -> location(Collection) -> *lid*(unique location id)
-> items (collection)
-> orders (collection)
-> transactions (collection)
-> customer (collection)
-> .....
-> .....
-> etc collections
This is a nested collection structure in Firestore. I feel like this would let me write very less security rules for Firebase-Firestore. I am still not sure how secure this structure will be. But for now, I will just stick with this. [Enlighten me on this security, if I need to be. Thank you]
Now if a user signs in and gets authenticated by Firebase, then Firebase provides Its ‘User’ class that provides all of the necessary auth data including the uid. So regarding my database design with that uid I can show the user the store and its available locations(list) created by him when he first signed up and went through an onboarding process. *First feature where I would need the uid Then the user decides and selects a store location to operate and access relative data. By selecting a store location he set that location as the current store location and the app saves the user’s choice locally. That means now the app also knows the lid(unique location id). Now with both lid and uid users can read, and write items(Inventory), orders-transaction(Pos), etc. So for other features, lid and uid both doc-ids are must.
The Doubt
Now, Consider a scenario, In the app when the user wants all items of the store location, I would create a snapshot(real-time data fetching). So that if some doc of the item collection gets updated or deleted, the user would not need to refresh the screen. Similarly, there would be an orders snapshot and maybe some more. Remember, to access these sub-collections I would need both uid and lid.
Let’s say, now a user logs out from the store location [maybe he/she wants to see the condition of other locations of the store like a food franchise owner] or maybe even worse he/she does not like the app anymore and sign out from the app. That means the app now has no uid or lid.
But what about those Firestore real-time snapshots that are still listening and fetching data if changes happen in the relative database? Cause if they were a one-time call I would not have to worry as after the store logs out I would have deleted it from the local storage, so no lid would be available.
So my question is, does the Firebase SDK for the Flutter platform automatically stop the available snapshots that are currently listening to the Firestore collection, when there is no authenticated user available or do I need to keep on checking both the current user’s authentication state and the current store location state and close the snapshots manually from the app?
Sorry if I wrote too much and you had to read all to understand the problem. And Thank you for your time.
I tried to explain my doubt which relates to Firebase integration with Flutter and I expect some experienced Firebase-Flutter developer or Firebase team and Firebase SDK developer for Flutter would solve the doubt for me and if inthe future some other has the same doubt as me they would also get benefitted from the responses. Cause, I could not find one similar to this problem.
1
does the Firebase SDK for the Flutter platform automatically stop the available snapshots that are currently listening to the Firestore collection, when there is no authenticated user available
No, listeners don’t stop listening just because a user that was previously signed in becomes signed out.
However, if there was a security rule active that prevented an anonymous user from performing the query that was previously allowed when they were signed in, a listener on that query would stop and generate an error immediately after signout.
2