Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 45.1K Get started
Back

How to get only data added by current user ( filter by user-specific property )

  • 2
  • Users
  • Databases
  • Web
  • REST API
View on Discord
Мухаммадамин
25 Jan, 2024, 19:08

I'm using Nextjs14, App Router, and did all crud operations on server-side due to some problems. Now I want to do that users can only fetch their own data. How can I filter user-specific data from collections?

In addition: I'm using ApiKey, Redux-toolkit, and login & password authentication for the login part of the application.

TL;DR
Developers are asking how to filter user-specific data from collections on the server-side. One suggested solution is to use JWTs, cookies with user IDs, or custom headers with user IDs to identify the user on the server-side and filter queries based on their ID. Another solution is to include a filter in database queries to retrieve only documents matching the user ID. This can be done by using the Appwrite SDK and implementing proper authorization checks.
Arif Qayoom
25 Jan, 2024, 19:11

Filter data on server-side using authenticated user ID stored in Redux. Include ID filter in database queries and protect API routes with authorization checks. Keep API key secure on server.

Arif Qayoom
25 Jan, 2024, 19:13

Apply a filter in your database queries to retrieve only documents matching the user ID:

// Example using Appwrite SDK (adjust for your database): const authenticatedUserId = useSelector((state) => state.user.id);

const queries = [ Query.equal('userId', authenticatedUserId), // Filter by user ID // ...other queries ];

const response = await database.listDocuments( collectionId: 'yourCollectionId', queries, );

Мухаммадамин
25 Jan, 2024, 19:16

@arifqayoom39 Thank you so much, understand

Мухаммадамин
25 Jan, 2024, 19:17

Is there other way, like, I read in the docs that if we use JWT it automatically gets own data, maybe with cookies, headers ?

Arif Qayoom
25 Jan, 2024, 19:18

You're right! JWTs, cookies with user IDs, or custom headers with user IDs can also achieve user-specific data access. They all work by identifying the user on the server side and using that information to filter queries. Choose the method that best suits your security and authentication needs. Remember to implement proper authorization checks alongside chosen approach.

Мухаммадамин
25 Jan, 2024, 19:23

Great. Thank you again.

I will try with cookies, if I can't, I will ask

Arif Qayoom
25 Jan, 2024, 19:27

Sure just mention my usersname, so I will get notified

ideclon
25 Jan, 2024, 19:37

This code is out of date - from before Appwrite had multiple databases per Project.

ideclon
25 Jan, 2024, 19:38

The correct syntax is database.listDocuments("[DATABASE_ID]", "[COLLECTION_ID]", queries)

Arif Qayoom
25 Jan, 2024, 19:38

umm may b!! Correct me & suggest best answer to him🤗

ideclon
25 Jan, 2024, 19:44

Are you looking to do this still on the server side, or are you looking to move this to the client side?

ideclon
25 Jan, 2024, 19:45

And how do you denote what data is "user-specific"?

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more