Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 45.1K Get started
Back

Functions: use user context

  • 1
  • Auth
  • Functions
View on Discord
maru
27 Apr, 2024, 20:03

Is there a way to use the client user's context to perform actions from the server SDK (e.g. node-appwrite)? I don't want to give users direct DB access, since users cannot be trusted (don't want someone scraping data or similar, plus some actions need additional steps). However, when a user calls a function, I want to make sure that permissions are still applied correctly, e.g. a user can only update their own DB records. How can I do so?

TL;DR
Developers are seeking a way to use a client user's context for server actions, like with node-appwrite, while maintaining security and restricting direct DB access. The solution lies in authenticating the user's actions using a JWT token and implementing appropriate permissions within the function itself. More information can be found at <https://appwrite.io/docs/products/functions/develop#using-jwt>.
Steven
27 Apr, 2024, 20:26

Maybe this will help: https://appwrite.io/docs/products/functions/develop#using-jwt

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more