How to build a secure application
Alexander Thomsen
Hi there👋,
I'm kind of new to Xano and now have a basic understanding of the DB, API and authentication etc.
I'm trying to understand how to create a secure application so the user can only CRUD "To-dos" related to themselves.
My thinking (please correct me)
• I assume on the GET auth/me I would add an add-on to the "To-dos" DB by using a table reference.
• "To-dos" endpoint POST will require the user_id as an integer to the table reference, which I get from the GET auth/me.
Questions
• To update a record or delete a record how to do this securely, so only the specific user can edit/delete To-dos related to themselves? Can it be based on auth token that references the user?
Thanks!
Comments
- The authentication token stores the unique user id inside it. This is accessible in the function stack via "auth id".
  You can leverage that in your function stack to help ensure the user is only dealing with data that belongs to them. Preconditions can be added too as an extra security check.
- Ah wonderful thanks👍
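The ownership check described in the reply above, written out as an added Python sketch (not code from this thread and not Xano's own implementation). The HMAC-signed token is a constructed stand-in for the platform's auth token, and every function name, the secret and the sample rows are hypothetical:

```python
import hmac, hashlib

SECRET = b"constructed-demo-secret"  # constructed; stays on the server
TODOS = {1: {"user_id": 10, "text": "buy milk"},   # constructed sample rows
         2: {"user_id": 20, "text": "file taxes"}}

class Forbidden(Exception):
    pass

def issue_token(user_id):
    """Stand-in for login: sign the user id so the client cannot alter it."""
    sig = hmac.new(SECRET, str(user_id).encode(), hashlib.sha256).hexdigest()
    return f"{user_id}.{sig}"

def auth_id(token):
    """Return the user id carried by a valid token; reject tampered ones."""
    body, _, sig = token.partition(".")
    good = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig.encode(), good.encode()):
        raise Forbidden("invalid token")
    return int(body)

def _owned(token, todo_id, todos):
    """Precondition for edit and delete: the record must belong to auth id."""
    row = todos.get(todo_id)
    # Same error for "missing" and "not yours" so record ids cannot be probed.
    if row is None or row["user_id"] != auth_id(token):
        raise Forbidden("not found")
    return row

def create_todo(token, text, todos=TODOS):
    """POST: the owner comes from the token, never from a user_id input."""
    new_id = max(todos, default=0) + 1
    todos[new_id] = {"user_id": auth_id(token), "text": text}
    return new_id

def update_todo(token, todo_id, text, todos=TODOS):
    _owned(token, todo_id, todos)["text"] = text

def delete_todo(token, todo_id, todos=TODOS):
    _owned(token, todo_id, todos)
    del todos[todo_id]

def list_todos(token, todos=TODOS):
    """GET: filter by auth id instead of accepting a user_id parameter."""
    uid = auth_id(token)
    return {i: r for i, r in todos.items() if r["user_id"] == uid}
```

The point to carry over is that no endpoint takes `user_id` as an input: create, list, update and delete all derive the owner from the verified token.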