Great article Josh! You did a great job - I'm impressed. I also found it very useful with the project I'm currently working on.
One bit I'd like to suggest adding to your post is that Firestore Security Rules do allow for request sanitization. You mention sanitization once in reference to the logical layer but don't then mention that it is possible to prevent extra fields from being added to requests.
Great article Josh! You did a great job - I'm impressed. I also found it very useful with the project I'm currently working on.
One bit I'd like to suggest adding to your post is that Firestore Security Rules do allow for request sanitization. You mention sanitization once in reference to the logical layer but don't then mention that it is possible to prevent extra fields from being added to requests.
Here's a video at time that shows how to do it:
youtu.be/8Mzb9zmnbJs?t=1165