Server functions and security #4132
-
|
Hi folks, Could anyone give me a hint how to start a search for how to implement some security? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
|
This will depend entirely on your application. Think of a server function as a public API endpoint, which can be "called" by someone making an HTTP request with any arguments. What would you need to do to secure it? For example, you might need to check user authentication/authorization inside the server function, to see whether the user making the request is allowed to do what this server function does. All the same questions and concerns apply as would if you were creating a REST API endpoint, because that's what it is. |
Beta Was this translation helpful? Give feedback.
-
|
I didn't expect YOU to answer in persona, thanks a lot for the hint! I will check it out. |
Beta Was this translation helpful? Give feedback.
-
|
I am pretty much the only person who monitors GitHub Discussions regularly -- if you're interested in more casual chat with a larger community, I'd recommend joining the Discord (link in README) |
Beta Was this translation helpful? Give feedback.
-
|
Thanks I will have a look :) |
Beta Was this translation helpful? Give feedback.
This will depend entirely on your application.
Think of a server function as a public API endpoint, which can be "called" by someone making an HTTP request with any arguments. What would you need to do to secure it?
For example, you might need to check user authentication/authorization inside the server function, to see whether the user making the request is allowed to do what this server function does.
All the same questions and concerns apply as would if you were creating a REST API endpoint, because that's what it is.