• x00z@lemmy.world
    link
    fedilink
    English
    arrow-up
    30
    ·
    5 days ago

    This is still over engineered. Just connect directly to the database from the client instead of having an API endpoint.

    • Zos_Kia@lemmynsfw.com
      link
      fedilink
      arrow-up
      1
      ·
      4 days ago

      Supabase unironically do exactly that. You’ve got your client, you login through OAuth, then use your JWT to connect directly to postgres.

      Your JWT contains your user id, which is used with row level security rules to determine which rows you can and cannot access. It’s pretty amazing what you can do with PG alone. The tooling is not quite there yet but that’s probably where we’re headed.