Is connecting to services and products/databases or APIs secure ?

So, I have been the use of Firebase, particularly Firestore, however since I wanna self-host my very own infrastructure, I have regarded into different ways I may broaden an app with a equivalent “Firebase” backend implementation.

The very first thing I’ve considered is simply webhosting a MongoDB example after which the use of the mongo_dart bundle which might act like a Firestore alternative. I’ve observed additionally different opensources SaaS like AppWrite, Supabase, Directus, Strapi which total would get the task completed. The one worry right here I’ve is ready safety.

Each resolution makes use of a unmarried connection to the server, the database URL for the mongoDB, and an endpoint for the others. The article is any one who simply opposite engineers the app and effectively retrieve the endpoint would immediately be capable to get admission to the whole database, and even a large a part of it if in case you have set some fundamental laws and authorisations (when it is even imaginable). So I do not perceive why such a lot of other people makes use of thoses programs, it will result in vital databases leaks or worse.

After all I do know that the entirety comes with a value, and if I need an actual safety layer I must make my very own API and checking tokens and many others.. however nonetheless, am I lacking one thing with the ones new opensources services and products that appear vital ?

View Reddit via postroliform – View Supply