SKILL: Firebase Platform Master Guide

Consolidated reference for AngularFire SDK and Firebase Data Connect (GQL + PostgreSQL).

🔥 1. AngularFire Core (SDK)

Real-time Database & Firestore

• Reactive Pattern: Use collectionData, docData and convert to signals using toSignal().
• Dependency Injection: Use inject(Firestore), inject(Auth), etc.
• Security: Security rules are the primary defense. Never trust the client.

Authentication

• State management: Track user status in an AuthStore.
• Guards: Use functional canActivate guards with Auth service.

⚡ 2. Firebase Data Connect (GQL + PostgreSQL)

Schema Workflow

• Schema First: Define @table in schema.gql.
• Generation: Run firebase dataconnect:sdk:generate after schema changes.
• Strict Types: Use the generated SDK; never edit dataconnect-generated/.

Directive Rules

• @table: Required for all database entities.
• @auth: Required for all types (No public access allowed).
• @default: Use for UUIDs (uuidV4()) and timestamps (request.time).
• @col(name: "..."): Map JSON keys to DB columns if different.

🏗️ 3. Integration with NgRx Signals

• Query Wrapping:

  export const MyStore = signalStore(
    withMethods((store, dc = inject(DataConnectService)) => ({
      loadData: rxMethod<void>(
        pipe(
          switchMap(() => dc.myDataQuery()),
          tapResponse({
            next: (res) => patchState(store, { data: res.data }),
            error: console.error,
          }),
        ),
      ),
    })),
  );
  

🔒 4. Security & Performance

• Secrets: Store Firebase API keys and config in environment.ts.
• Query Design: Fetch only required fields in GraphQL.
• Auth Pattern: @auth(rules: [{ allow: OWNER, ownerField: "userId" }]).
• No Hardcoded Secrets: Secrets must stay in environment variables or GCP Secret Manager.

Law: After any schema change, the SDK MUST be regenerated before editing application logic.