| name | moai-baas-firebase-ext |
| version | 4.0.0 |
| status | stable |
| updated | Thu Nov 20 2025 00:00:00 GMT+0000 (Coordinated Universal Time) |
| description | Enterprise Firebase Platform with AI-powered Google Cloud integration, Context7 integration |
| category | BaaS |
| allowed-tools | Read, Bash, Write, Edit, WebFetch, mcp__context7__resolve-library-id, mcp__context7__get-library-docs |
moai-baas-firebase-ext: Enterprise Firebase Platform
AI-powered Firebase with Google Cloud integration for scalable mobile and web applications
Trust Score: 9.7/10 | Version: 4.0.0 | Last Updated: 2025-11-20
Overview
Enterprise Firebase Platform expert with:
- Firestore: NoSQL document database with real-time synchronization
- Authentication: Multi-provider auth with social and enterprise support
- Cloud Functions: Serverless backend with auto-scaling
- Firebase Hosting: Global web hosting with CDN and SSL
- Google Cloud Integration: BigQuery, Cloud Run, advanced monitoring
Performance:
- Firestore: P95 < 100ms query latency
- Realtime Database: P95 < 150ms sync latency
- Cloud Functions: Sub-second cold starts, 1M+ concurrent
Core Implementation
Firebase Admin Setup
// Firebase Admin SDK Configuration
import { initializeApp, cert, getApps, getApp } from 'firebase-admin/app';
import { getFirestore, Firestore } from 'firebase-admin/firestore';
import { getAuth, Auth } from 'firebase-admin/auth';
import { getFunctions, Functions } from 'firebase-admin/functions';
import { getStorage, Storage } from 'firebase-admin/storage';
interface FirebaseConfig {
projectId: string;
clientEmail: string;
privateKey: string;
databaseURL: string;
storageBucket: string;
}
export class FirebaseManager {
private app: any;
private firestore: Firestore;
private auth: Auth;
private functions: Functions;
private storage: Storage;
constructor(config: FirebaseConfig) {
this.app = !getApps().length ? initializeApp({
credential: cert({
projectId: config.projectId,
clientEmail: config.clientEmail,
privateKey: config.privateKey.replace(/\\n/g, '\n'),
}),
databaseURL: config.databaseURL,
storageBucket: config.storageBucket,
}) : getApp();
this.firestore = getFirestore(this.app);
this.auth = getAuth(this.app);
this.functions = getFunctions(this.app);
this.storage = getStorage(this.app);
}
// Getters for service instances
getFirestore(): Firestore { return this.firestore; }
getAuth(): Auth { return this.auth; }
getFunctions(): Functions { return this.functions; }
getStorage(): Storage { return this.storage; }
}
Advanced Firestore Operations
// Batch Operations and Querying
export class FirestoreService {
constructor(private firestore: Firestore) {}
async batchUpdate(
updates: Array<{ collection: string; docId: string; data: any }>
): Promise<void> {
const batch = this.firestore.batch();
for (const update of updates) {
const docRef = doc(this.firestore, update.collection, update.docId);
batch.set(docRef, {
...update.data,
updatedAt: new Date(),
}, { merge: true });
}
await batch.commit();
}
async queryWithPagination<T>(
collectionPath: string,
pageSize: number = 20,
startAfter?: string,
orderBy: string = 'createdAt'
): Promise<{ data: T[]; hasNext: boolean; lastDocId?: string }> {
let queryRef = collection(this.firestore, collectionPath);
queryRef = query(queryRef, orderBy(orderBy, 'desc'));
queryRef = query(queryRef, limit(pageSize + 1));
if (startAfter) {
const startDoc = await getDoc(doc(this.firestore, collectionPath, startAfter));
queryRef = query(queryRef, startAfter(startDoc));
}
const snapshot = await getDocs(queryRef);
const documents = snapshot.docs.map(doc => ({
id: doc.id,
...doc.data(),
} as T));
const hasNext = documents.length > pageSize;
const data = hasNext ? documents.slice(0, -1) : documents;
const lastDocId = data.length > 0 ? data[data.length - 1].id : undefined;
return { data, hasNext, lastDocId };
}
// Real-time subscription
subscribeToRealtimeUpdates<T>(
collectionPath: string,
filters: Array<{
type: 'where' | 'orderBy' | 'limit';
field?: string;
operator?: '<' | '<=' | '==' | '!=' | '>=' | '>';
value?: any;
direction?: 'asc' | 'desc';
}> = [],
callback: (data: T[]) => void
): () => void {
let queryRef = collection(this.firestore, collectionPath);
for (const filter of filters) {
if (filter.type === 'where' && filter.field && filter.operator && filter.value !== undefined) {
queryRef = query(queryRef, where(filter.field, filter.operator, filter.value));
} else if (filter.type === 'orderBy' && filter.field) {
queryRef = query(queryRef, orderBy(filter.field, filter.direction || 'asc'));
} else if (filter.type === 'limit' && filter.value !== undefined) {
queryRef = query(queryRef, limit(filter.value));
}
}
return onSnapshot(queryRef, (snapshot) => {
const data: T[] = [];
snapshot.forEach((doc) => {
data.push({ id: doc.id, ...doc.data() } as T);
});
callback(data);
});
}
}
Authentication Service
// Advanced Authentication with Custom Claims
export class AuthService {
constructor(private auth: Auth) {}
async authenticateUser(
uid: string,
customClaims: Record<string, any> = {}
): Promise<{ success: boolean; user?: any; error?: string }> {
try {
await this.auth.setCustomUserClaims(uid, customClaims);
const userRecord = await this.auth.getUser(uid);
return {
success: true,
user: {
uid: userRecord.uid,
email: userRecord.email,
displayName: userRecord.displayName,
photoURL: userRecord.photoURL,
emailVerified: userRecord.emailVerified,
customClaims: userRecord.customClaims,
},
};
} catch (error) {
return {
success: false,
error: error.message,
};
}
}
async createCustomToken(uid: string, additionalClaims?: Record<string, any>): Promise<string> {
return await this.auth.createCustomToken(uid, additionalClaims);
}
async verifyIdToken(idToken: string): Promise<any> {
return await this.auth.verifyIdToken(idToken);
}
async revokeRefreshTokens(uid: string): Promise<void> {
await this.auth.revokeRefreshTokens(uid);
}
}
Cloud Functions Service
// Cloud Functions with Error Handling
export class FunctionsService {
constructor(private functions: Functions) {}
async callFunction<T = any>(
functionName: string,
data: any,
timeout: number = 54000
): Promise<{ success: boolean; data?: T; error?: string; code?: string }> {
try {
const functionRef = this.functions.httpsCallable(functionName);
const result = await functionRef(data);
return {
success: true,
data: result.data,
};
} catch (error) {
return {
success: false,
error: error.message,
code: error.code,
};
}
}
}
Storage Service
// File Storage with Metadata
export class StorageService {
constructor(private storage: Storage) {}
async uploadFile(
filePath: string,
fileData: Buffer,
metadata: {
contentType: string;
uploadedBy: string;
originalName: string;
description?: string;
tags?: string[];
makePublic?: boolean;
}
): Promise<{ success: boolean; publicUrl?: string; size?: number; error?: string }> {
try {
const bucket = this.storage.bucket();
const file = bucket.file(filePath);
await file.save(fileData, {
metadata: {
contentType: metadata.contentType,
metadata: {
uploadedBy: metadata.uploadedBy,
originalName: metadata.originalName,
description: metadata.description || '',
tags: JSON.stringify(metadata.tags || []),
},
},
});
if (metadata.makePublic) {
await file.makePublic();
return {
success: true,
publicUrl: file.publicUrl(),
size: fileData.length,
};
}
return {
success: true,
size: fileData.length,
};
} catch (error) {
return {
success: false,
error: error.message,
};
}
}
async deleteFile(filePath: string): Promise<{ success: boolean; error?: string }> {
try {
const bucket = this.storage.bucket();
await bucket.file(filePath).delete();
return { success: true };
} catch (error) {
return {
success: false,
error: error.message,
};
}
}
getFileSignedUrl(filePath: string, expiresInSeconds: number = 3600): Promise<string> {
const bucket = this.storage.bucket();
const file = bucket.file(filePath);
return file.getSignedUrl({
action: 'read',
expires: Date.now() + expiresInSeconds * 1000,
}).then(([url]) => url);
}
}
Real-time Synchronization
// Real-time Data Sync Manager
export class RealtimeSyncManager {
private subscriptions: Map<string, () => void> = new Map();
constructor(
private firestoreService: FirestoreService,
private authService: AuthService
) {}
syncUserData(userId: string, callback: (userData: any) => void): () => void {
const unsubscribe = this.firestoreService.subscribeToRealtimeUpdates(
`users/${userId}/profile`,
[],
(data) => {
if (data.length > 0) {
callback(data[0]);
}
}
);
this.subscriptions.set(`userData-${userId}`, unsubscribe);
return unsubscribe;
}
syncCollaborativeDocument(
documentId: string,
callback: (data: any) => void
): () => void {
const unsubscribe = this.firestoreService.subscribeToRealtimeUpdates(
`collaborative/${documentId}`,
[
{ type: 'orderBy', field: 'updatedAt', direction: 'desc' },
{ type: 'limit', value: 100 },
],
callback
);
this.subscriptions.set(`collaborative-${documentId}`, unsubscribe);
return unsubscribe;
}
cancelAllSubscriptions(): void {
for (const unsubscribe of this.subscriptions.values()) {
unsubscribe();
}
this.subscriptions.clear();
}
}
Cloud Functions Examples
TypeScript Cloud Functions
// Cloud Function with Firestore Trigger
import { FirestoreEvent } from 'firebase-functions/v2/firestore';
import { onDocumentUpdated } from 'firebase-functions/v2/firestore';
import { logger } from 'firebase-functions/v2';
export const onUserUpdate = onDocumentUpdated(
'users/{userId}',
async (event: FirestoreEvent) => {
const before = event.data?.before.data();
const after = event.data?.after.data();
if (!before || !after) return;
// Log changes
logger.log(`User ${event.params.userId} updated`);
// Send notification if email verified
if (!before.emailVerified && after.emailVerified) {
await sendWelcomeNotification(event.params.userId);
}
// Update analytics
await updateUserAnalytics(event.params.userId, after);
}
);
// HTTP Cloud Function with Authentication
import { onRequest } from 'firebase-functions/v2/https';
import { cors } from 'firebase-functions/v2/https';
export const getUserProfile = onRequest(
{ cors: true },
async (req, res) => {
if (req.method !== 'GET') {
res.status(405).json({ error: 'Method not allowed' });
return;
}
try {
const authHeader = req.headers.authorization;
if (!authHeader || !authHeader.startsWith('Bearer ')) {
res.status(401).json({ error: 'Unauthorized' });
return;
}
const token = authHeader.substring(7);
const decoded = await admin.auth().verifyIdToken(token);
const userDoc = await admin.firestore()
.collection('users')
.doc(decoded.uid)
.get();
if (!userDoc.exists) {
res.status(404).json({ error: 'User not found' });
return;
}
res.json({
id: userDoc.id,
...userDoc.data()
});
} catch (error) {
logger.error('Error getting user profile:', error);
res.status(500).json({ error: 'Internal server error' });
}
}
);
async function sendWelcomeNotification(userId: string): Promise<void> {
// Implementation for sending notification
}
async function updateUserAnalytics(userId: string, userData: any): Promise<void> {
// Implementation for updating analytics
}
Python Cloud Functions
# Python Cloud Function for Data Processing
from firebase_functions import https_fn, firestore_fn
from firebase_admin import firestore, auth
import json
@https_fn.on_request()
def process_user_data(request: https_fn.Request) -> https_fn.Response:
"""Process and validate user data."""
if request.method != 'POST':
return https_fn.Response(
json.dumps({"error": "Method not allowed"}),
status=405,
mimetype="application/json"
)
try:
data = request.get_json()
user_id = data.get('user_id')
user_data = data.get('user_data')
if not user_id or not user_data:
return https_fn.Response(
json.dumps({"error": "Missing required fields"}),
status=400,
mimetype="application/json"
)
# Validate user data
validated_data = validate_user_data(user_data)
# Update Firestore
db = firestore.client()
db.collection('users').document(user_id).set({
**validated_data,
'updated_at': firestore.SERVER_TIMESTAMP,
'processed': True
}, merge=True)
return https_fn.Response(
json.dumps({"success": True, "message": "Data processed successfully"}),
status=200,
mimetype="application/json"
)
except Exception as e:
return https_fn.Response(
json.dumps({"error": str(e)}),
status=500,
mimetype="application/json"
)
def validate_user_data(data: dict) -> dict:
"""Validate and sanitize user data."""
required_fields = ['email', 'name']
validated = {}
for field in required_fields:
if field not in data or not data[field]:
raise ValueError(f"Missing required field: {field}")
validated[field] = str(data[field]).strip()
# Optional fields
optional_fields = ['phone', 'address', 'bio']
for field in optional_fields:
if field in data:
validated[field] = str(data[field]).strip()
return validated
Google Cloud Integration
BigQuery Integration
// BigQuery Analytics Integration
export class BigQueryService {
private bigquery: any; // BigQuery client
constructor() {
// Initialize BigQuery client
}
async exportUserDataToBigQuery(): Promise<void> {
const query = `
INSERT INTO \`your-project.analytics.user_events\`
SELECT
uid,
email,
createdAt,
lastLoginAt,
EXTRACT(DATE FROM createdAt) as event_date
FROM \`your-project.firestore.users\`
WHERE createdAt >= TIMESTAMP_SUB(CURRENT_TIMESTAMP(), INTERVAL 1 DAY)
`;
try {
const [job] = await this.bigquery.createQueryJob({ query });
await job.getQueryResults();
console.log('User data exported to BigQuery');
} catch (error) {
console.error('Error exporting to BigQuery:', error);
}
}
}
Cloud Run Deployment
# cloudrun-service.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: firebase-extension
annotations:
run.googleapis.com/ingress: all
spec:
template:
metadata:
annotations:
autoscaling.knative.dev/maxScale: '10'
run.googleapis.com/cpu-throttling: 'false'
spec:
containerConcurrency: 10
timeoutSeconds: 300
containers:
- image: gcr.io/your-project/firebase-extension:latest
ports:
- containerPort: 8080
env:
- name: FIREBASE_CONFIG
valueFrom:
secretKeyRef:
name: firebase-secrets
key: config
resources:
limits:
cpu: '1'
memory: '512Mi'
Security Best Practices
Firestore Security Rules
// firestore.rules
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
// Users can only read/write their own documents
match /users/{userId} {
allow read, write: if request.auth != null && request.auth.uid == userId;
// Public profile is readable by all authenticated users
match /profile/{document=**} {
allow read: if request.auth != null;
allow write: if request.auth != null && request.auth.uid == userId;
}
}
// Posts are readable by all, writable only by authenticated users
match /posts/{postId} {
allow read: if true;
allow create: if request.auth != null &&
request.auth.token.email_verified == true &&
request.resource.data.keys().hasAll(['title', 'content']);
allow update, delete: if request.auth != null &&
resource.data.userId == request.auth.uid;
}
// Collaborative documents with team-based access
match /teams/{teamId}/{document=**} {
allow read, write: if request.auth != null &&
request.auth.token.teamId == teamId;
}
}
}
Authentication Security
// Security Configuration
export const authConfig = {
// Require email verification
emailVerificationRequired: true,
// Password policy
passwordPolicy: {
minLength: 8,
requireUppercase: true,
requireLowercase: true,
requireNumbers: true,
requireSpecialChars: true,
},
// Session management
sessionCookie: {
expiresIn: 60 * 60 * 24 * 5, // 5 days
secure: process.env.NODE_ENV === 'production',
httpOnly: true,
sameSite: 'strict',
},
// Rate limiting
rateLimit: {
maxAttempts: 5,
windowMs: 15 * 60 * 1000, // 15 minutes
},
};
Performance Optimization
Firestore Query Optimization
// Optimized Queries
export class QueryOptimizer {
// Use composite indexes for complex queries
async getActiveUsersWithLastLogin(): Promise<any[]> {
const db = getFirestore();
const q = query(
collection(db, 'users'),
where('status', '==', 'active'),
where('lastLoginAt', '>=', new Date(Date.now() - 30 * 24 * 60 * 60 * 1000)),
orderBy('lastLoginAt', 'desc'),
limit(100)
);
const snapshot = await getDocs(q);
return snapshot.docs.map(doc => ({ id: doc.id, ...doc.data() }));
}
// Batch reads for efficiency
async getUsersByIds(userIds: string[]): Promise<any[]> {
const db = getFirestore();
const queries = userIds.map(userId => doc(db, 'users', userId));
const snapshots = await getDocs(query(collection(db, 'users'),
where(documentId(), 'in', userIds)));
return snapshots.docs.map(doc => ({ id: doc.id, ...doc.data() }));
}
// Pagination with cursor
async paginateUsers(pageSize: number, startAfter?: string): Promise<any> {
const db = getFirestore();
let q = query(
collection(db, 'users'),
orderBy('createdAt', 'desc'),
limit(pageSize + 1)
);
if (startAfter) {
const startDoc = await getDoc(doc(db, 'users', startAfter));
q = query(q, startAfter(startDoc));
}
const snapshot = await getDocs(q);
const documents = snapshot.docs.map(doc => ({ id: doc.id, ...doc.data() }));
const hasNext = documents.length > pageSize;
const data = hasNext ? documents.slice(0, -1) : documents;
return {
data,
hasNext,
lastDocId: data.length > 0 ? data[data.length - 1].id : null,
};
}
}
Quick Reference
Essential Commands
# Firebase CLI
firebase login
firebase init
firebase deploy
firebase serve
# Firestore operations
firebase firestore:create
firebase firestore:update
firebase firestore:delete
# Functions deployment
firebase deploy --only functions
firebase functions:shell
# Hosting deployment
firebase deploy --only hosting
firebase hosting:disable
Environment Configuration
// Environment-specific configuration
const firebaseConfig = {
development: {
projectId: 'your-dev-project',
databaseURL: 'https://your-dev-project.firebaseio.com',
storageBucket: 'your-dev-project.appspot.com',
},
production: {
projectId: 'your-prod-project',
databaseURL: 'https://your-prod-project.firebaseio.com',
storageBucket: 'your-prod-project.appspot.com',
},
};
export default firebaseConfig[process.env.NODE_ENV || 'development'];
Monitoring & Analytics
Error Tracking
// Error handling and logging
export class ErrorTracker {
static trackError(error: Error, context?: any): void {
console.error('Firebase Error:', {
message: error.message,
stack: error.stack,
context,
timestamp: new Date().toISOString(),
});
// Send to error reporting service
// e.g., Sentry, Firebase Crashlytics
}
static async logPerformanceMetric(operation: string, duration: number): Promise<void> {
const db = getFirestore();
await addDoc(collection(db, 'performance_metrics'), {
operation,
duration,
timestamp: new Date(),
});
}
}
Last Updated: 2025-11-20 Status: Production Ready | Enterprise Approved Features: Firestore, Authentication, Cloud Functions, Google Cloud Integration