Update auth, firestore, and hosting instructions (#9186)

kmandrika · web-flow · commit 99870a792d08 · 2025-09-25T09:23:28.000-04:00
diff --git a/src/mcp/resources/guides/init_auth.ts b/src/mcp/resources/guides/init_auth.ts
@@ -17,12 +17,19 @@ export const init_auth = resource(
           text: `
 ### Configure Firebase Authentication
 
-- **Permission Required**: Request developer permission before implementing authentication features
-- **Provider Setup**: Guide developers to enable authentication providers (Email/Password, Google Sign-in, etc.) in the [Firebase Auth Console](https://console.firebase.google.com/). Ask developers to confirm which authentication method they selected before proceeding to implementation.
-- **Implementation**: Create sign-up and login pages using Firebase Authentication.
-- **Security Rules**: Update Firestore security rules to ensure only authenticated users can access their own data
-- **Testing**: Recommend developers test the complete sign-up and sign-in flow to verify authentication functionality
-- **Next Steps**: Recommend deploying the application to production once authentication is verified and working properly
+**Permission & Setup:**
+- Request developer permission before implementing sign-up and login features
+- Guide developers to enable authentication providers (Email/Password, Google Sign-in, etc.) in the [Firebase Auth Console](https://console.firebase.google.com/)
+- Ask developers to confirm which authentication method they selected before proceeding
+
+**Implementation:**
+- Create sign-up and login pages using Firebase Authentication
+- Update Firestore security rules and deploy them to ensure only authenticated users can access their own data
+- Handle security rule updates automatically (do not ask developers to go to console)
+
+**Testing & Deployment:**
+- Test the complete sign-up and sign-in flow to verify authentication functionality
+- Deploy the application to production once authentication is verified and working properly
 `.trim(),
         },
       ],
diff --git a/src/mcp/resources/guides/init_firestore.ts b/src/mcp/resources/guides/init_firestore.ts
@@ -16,14 +16,23 @@ export const init_firestore = resource(
           text: `
 ### Setup Firestore Database
 
+**Database Setup:**
 - Set up Firebase Firestore as the primary database for the application
-- Implement client code for basic CRUD operations for the application
-- **Important**: Use the \`firebase deploy\` command to provision the database automatically. **Do not ask developers to go to the console to do it**.
-- **Environment**: Use production environment directly - avoid emulator for initial setup
-- **Verification**: Guide developers to verify database creation at the [Firebase Console](https://console.firebase.google.com/) by clicking on the "Firestore Database" tab in the left navigation to confirm the database is created.
-- **Testing**: Recommend developers test their application and verify data appears correctly in the console. Ask developers to confirm they can see their test data in the console before proceeding to the next step.
-- **Security**: Recommend implementing authentication if the application handles sensitive user data. Guide users to navigate to the "Firestore Database" section and click on the "Rules" tab to view and configure their security rules.
-- **Security Warning**: Alert developers against making Firestore security rules public (allowing read/write without authentication)
+- Implement client code for basic CRUD operations using Firestore SDK
+- Run \`firebase deploy\` command to provision the database automatically
+- Use production environment directly (avoid emulator for initial setup)
+
+**Verification & Testing:**
+- Only proceed to verification after running the \`firebase deploy\` command
+- Guide developers to verify database creation at the [Firebase Console](https://console.firebase.google.com/)
+- Navigate to "Firestore Database" in the left navigation to confirm database creation
+- Ask developers to test their application and confirm they can see test data in the console
+- Only proceed to the next step after confirmation
+
+**Security:**
+- Recommend implementing authentication if the application handles sensitive user data
+- Guide users to navigate to "Firestore Database" → "Rules" tab to configure security rules
+- **Warning**: Never make Firestore security rules public (allowing read/write without authentication)
 `.trim(),
         },
       ],
diff --git a/src/mcp/resources/guides/init_hosting.ts b/src/mcp/resources/guides/init_hosting.ts
@@ -17,10 +17,14 @@ export const init_hosting = resource(
           text: `
 ### Configure Firebase Hosting
 
+**When to Deploy:**
 - Introduce Firebase Hosting when developers are ready to deploy their application to production
-- **Alternative**: Developers can deploy later using the \`/deploy\` command
-- **Permission Required**: Request developer permission before implementing Firebase Hosting
-- **Deployment**: Configure Firebase Hosting and deploy the application to production
+- Alternative: Developers can deploy later using the \`/deploy\` command
+
+**Deployment Process:**
+- Request developer permission before implementing Firebase Hosting
+- Check security rules before deploying - do not deploy if rules are public without explicit confirmation
+- Configure Firebase Hosting and deploy the application to production
 `.trim(),
         },
       ],
