[SOLVED] Performance / Security best practice for storing user data.

On user account creation I save certain attributes of user data that I query as and when required. Just want to ask, from a performance and security standpoint, what's the difference if I store said information in users Auth Prefs or a separate DB collection ?

Any specific speed, performance or security related differences or either way is more of less exactly the same just DB will provide more fine grain quering ?

@punti_z the DB would allow for easier querying (user prefs aren't queryable by default)

I'd want to raise a question on what the intended usage is, to help clarify which of the two are better fit for your purpose

Complementing what @Aditya Oberai said, user preferences can be edited by the user, if you don't want that behavior, a collection will be better as you'll have more control

Things like user app preferences i.e., dark/light mode, that would be queried everytime user opens the app to ensure they synced across devices. My concern specifically was more around performance and load on the DB, but the more I think about it since both will use database to store and retrieve information, assuming high traffic performance either way should be the same in which case in would prefer the database.

You'd need to make a call in either case

The idea with the separate user prefs endpoint was to simplify the experience, especially for attributes that don't need to be changed too often, so you call them once and maintain state.

In your case, the DB might provide you with more flexibility, especially if you expect these to change frequently and need to query often.

Thanks

[SOLVED] Performance / Security best practice for storing user data.