How to send non-persistent value to Cloud Firestore?

Question

I want to send some value for a field to Cloud Firestore, but I dont want to be persist(saved) in Cloud Firestore.

Code:

const message = {
  persistentData: {
     id: 'dSXYdieiwoDUEUWOssd',
     text: 'Hi dear how are you',
     date: new Date();
  },

  nonPersistentData: {
    securityCode: 393929949
  }
};

db.collection('messages').doc(message.persistentData.id).set(message).catch(e => {});

In above code I want to persit (save) persistentData, but I dont want to save nonPersistentData online nor offline, because I only need them to check real data in Firestore rule. So I dont want they should be accessible in cache(offline) or server(online)...

Akshay Jain · Answer 1 · 2020-04-24T07:25:32.963

2

This is simply not possible with firestore. There is a similar question here. You need to separate the data into public (persistent) and private data (non-persistent). One possible solution will be-

From the client, push the private data which contains the securityCode to a new collection called securityCodes and store the id of the new entry. Because you don't want this info to be available to anyone, you can add a security rule

match /securityCodes/{securityCode} {
  // No one can read the value from this collection, but only create
  allow create: true;
}

In your public data, add the id of the previously added document

data = {
  id: 'dSXYdieiwoDUEUWOssd',
  text: 'Hi dear how are you',
  date: new Date(),
  securityId: <id of the secretCode entry>
}

In your security rules, get the secret code using the securityId you are sending with the public data. Example-

match /collectionId/documentId {
  allow create: if get(/secretCodes/$(request.resource.data.secretId)) == 'someknowncode'
}

edited Apr 24 '20 at 07:25

answered Apr 24 '20 at 06:36

Akshay Jain

884
5
19

Thank you to answer, here `securityId` again is available in public data as offline and online which I dont want, I want to only push securityCode with public data until I cant check it and `Firestore rules` once checked then I allowed to `write or read`. and then data once has read or has wrote. then the securityCode should be gone (deleted) and should be not exists in db. – Muhammad Apr 24 '20 at 08:32
securityCodes will not be available for anyone to read because you would add the security rule as per the first step. So, it won't be available online or offline anywhere except for the admin-sdk and security rules. and if you want to delete it after you verify it, you can use cloud functions with admin-sdk – Akshay Jain Apr 24 '20 at 10:22
Thank you, Here as you coded `data = { id: 'dSXYdieiwoDUEUWOssd', text: 'Hi dear how are you', date: new Date(), securityId: }` the `securityId` goes with public data, and saves to Firestore, so then it can available with messages online and offline Am I wrong ? – Muhammad Apr 24 '20 at 10:42
1

Only the id is available, its like only a random value for the users as they can't read the actual securityCode using the id. – Akshay Jain Apr 24 '20 at 10:43

How to send non-persistent value to Cloud Firestore?

1 Answers1