i want to setup a firestore-redux integration into my web app but instead of using the auth to email authenticate and define 'users' collection, i'd want to know if it is possible for a user to use his private key to sign a message and store the hash as the "auth.uid" for firebase? example: instead of using auth config like this:
// react-redux-firebase config
const rrfConfig = {
userProfile: 'users'
UseFirestoreForProfile: true // Firestore for Profile instead of Realtime DB
}
and instead of setting security rules like this:
// security rules
service cloud.firestore {
match /databases/{database}/documents {
// Allow only authenticated content owners access
match /some_collection/{userId}/{documents=**} {
allow read, write: if request.auth != null && request.auth.uid == userId
}
}
}
can we have a custom config where the document key is the user's public key which is verified in the security rules (for read and write) using the signature hash of user's private key?
// react-redux-firebase config
const rrfConfig = {
userProfile: <<some public key or ethereum address of user>>
UseFirestoreForProfile: true // Firestore for Profile instead of Realtime DB
}
// security rules
service cloud.firestore {
match /databases/{database}/documents {
// Allow only authenticated content owners access
match /some_collection/{userPubKey}/{documents=**} {
allow read, write: if request.data.signHash!= null && request.data.signHash == resource.data.signHash
}
}
}
This will be relevant when using ethereum (blockchain) account based authentication for firebase storage, instead of the usual email based.