将Firebase用户UID用于相关数据库条目的键 - 良好还是错误的做法? [英] Using Firebase User UIDs for keys of related DB entries - Good or Bad Practice?
问题描述
使用用户的UID(通过Firebase身份验证创建用户时由Firebase生成的)作为关联数据库条目的关键字时是否存在任何问题?
例如, ,在这里:
/config/user.uid/configObject
...每个用户都有一个配置项。由于Firebase的数据库规则(父节点上的设置适用于所有子节点),通常需要创建一个单独的配置树(以下示例中, / users 树需要读和写保护)。
我可以看到这可能是不好的做法的唯一原因是,如果用户的UID改变... Firebase是否保证这永远不会发生?任何我缺少的东西?
特定用户的UID永远不会改变(尽管他们做了改变几个月前的格式;旧格式包括供应商)。
这是一个很好的做法,在许多情况下是必要的,可能推荐的地方。您将需要将用户信息非规范化到多个节点,以获得更好的性能和授权。它可能看起来像这样的伪代码/规则:
$ $ p $ - users_private(.read:$ uid == auth.uid) pre>
- $ uid
- 电子邮件
- users_public(.read:true)
- $ uid
- 名字
- photo
- users_roles(.read:依赖于其他规则)
- $ uid
- is_admin
- is_editor
Are there any problems with using a user's UID (which is generated by Firebase upon user creation via Firebase Auth) as the key for associated database entries?
For example, here:
/config/user.uid/configObject
...each user has one config entry. Due to Firebase's database rules (where settings on a parent node apply to all child nodes) it's often necessary to create a separate config tree (following the example, where a /users tree needs to be read and write protected).
The only reason I can see that this might be bad practice is if the user's UID ever changes... Does Firebase guarantee that this will never happen? Anything I'm missing?
The UID for a particular user will never change (though they did change the format a few months ago; the old format included the provider).
It's a good practice, a necessary one in many cases, and probably recommended somewhere. You'll want to denormalize user info into multiple nodes for better performance and for authorization as you mentioned. It might look something like this in pseudo code/rules:
- users_private (.read: $uid == auth.uid)
- $uid
- email
- users_public (.read: true)
- $uid
- name
- photo
- users_roles (.read: dependent on some other rules)
- $uid
- is_admin
- is_editor
这篇关于将Firebase用户UID用于相关数据库条目的键 - 良好还是错误的做法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
