[SOLVED] Access Database from Functions

This is what actually happened when you're contacting Appwrite using a function.

TL;DR

The user was looking for guidance on how to access a database from functions. They received advice on using the database to mark users as verified and checking the verification status on the frontend. It was also discussed how the function would return the response and update the database accordingly. The user questioned if it was possible for someone to manipulate the response to attain a false verified status, but it was explained that the database is the source of truth. The user also received guidance on best practices for handling sensitive information in functions. The solution was to use appwrite.json to store environment variables.

the dashed line marked the sequential request

Okay thanks a lot would try using it like this also but what would happen if I directly put the variables there rather than putting them as environment variables also if project-based environment variables would be set that would help a lot

yes exactly that was what I was looking for

In few functions I've put the values directly in the function

Its usually just best practice to avoid putting sensitive information in a function that could be in Git or something like this

Alright I understand now why is it important to provide them, providing them only expands our scope of using Apwwrite in different ways.

Okay I Understand would try to use the best practices and would use appwrite.json to do so as you shared

Exactly

thanks a lot for the guidance and help

<a:agooglethumbsup:635256484682530825>

[SOLVED] Access Database from Functions

Also @Binyamin one last thing would like your guidance in

not related with this issue

Let us say I am using a function

to verify the otp

Okay?

entered by the user rest of all the logic is handled and if the OTP matches the function returns "verified" and if a mismatch occurs it returns "not-verified"

let us say that the response returned was "not-verified" is it possible for someone (a user) to encrypt the "not-verified" response from the function to the frontend as "verified" in order to attain their hacky verified status

From what I understand the function is returning the response right. Meaning that when the user is verified, you actually change something in the database, right? about the user.

If that's the case, it doesn't really matter what the user try to change it because the only source of truth is what the database have

Okay thanks a lot I got an Idea from your response, earlier wasn't using the data base would use the database to put the user as verified from the functions side only and then when the response returns would check at the frontend side using the database if the user is verified

Exactly. That's sounds like a good approach

if it is verified then would proceed else would declare verifications unsuccessful;

thanks a lot

solved another potential issue

Reply to this thread by joining our Discord

Reply on Discord

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more

Recommended threads

Need support?

Join our Discord

Get premium support