Comment by rmbyrro
2 years ago
I understand it'd be necessary to implement all auth and check rules in SQL queries using roles and the CHECK statement.
What's the alternative in cases where I need more advanced checking before doing an INSERT/UPDATE that is not possible in SQL?
This is usually done in the backend. The frontend is not a trusted environment.
So, I'd just send a request to the backend, perform the checks, modify the data in Postgres and then it'd sync to the clients?
No comments yet
Contribute on Hacker News ↗