Hi all
I’m leaning towards making my front end as dumb as possible and handling all of the db calls via Buildship. As my app will need to run some system-wide changes, my thoughts are:
RLS on everything
Access the backend via Buildship using the service key, to bypass RLS from what I hope is my secure middle layer. RLS is on to protect from others.
Pass my JWT to Buildship and verify it’s valid before making the db call. Exit out if not a valid JWT. Needs the JWT secret also stored in Buildship to achieve this.
Thoughts? Am I nuts? Anyone done this? How secure are my keys in Buildship?
If this is secure, it makes deployment of new tables easier: just turn on RLS and done.
Grateful for any thoughts or successes from you all. Or failures as to why I am nuts.
Cheers
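
The check described in the post (verify the JWT, exit if it is invalid, only then make the service-key db call), as an added example that is not part of the original post and not Buildship's own code. It assumes an HS256-signed token carrying `sub` and `exp` claims; `verifyJwt`, `authorizeRequest` and `signSample` are hypothetical names, and the token and secret are constructed sample values.

```javascript
const { createHmac, timingSafeEqual } = require("node:crypto");

// Verify an HS256 JWT. Returns the claims, or null if the token must be rejected.
function verifyJwt(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  if (typeof token !== "string") return null;
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [h, p, sig] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, "base64url").toString("utf8"));
    claims = JSON.parse(Buffer.from(p, "base64url").toString("utf8"));
  } catch {
    return null;
  }
  // Pin the algorithm on the server; the token header must not choose it.
  if (!header || header.alg !== "HS256") return null;
  const expected = createHmac("sha256", secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(sig, "base64url");
  // Constant-time comparison; timingSafeEqual throws on unequal lengths.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  // Require an expiry and a subject; reject expired tokens.
  if (!claims || typeof claims.exp !== "number" || claims.exp <= nowSec) return null;
  if (typeof claims.sub !== "string" || claims.sub === "") return null;
  return claims;
}

// The service key bypasses RLS, so the per-user check RLS would have done
// has to happen here, against the verified `sub`, before any db call.
function authorizeRequest(token, secret, requestedOwnerId, nowSec) {
  const claims = verifyJwt(token, secret, nowSec);
  if (!claims) return { ok: false, status: 401 };
  // A user id sent by the front end is untrusted input.
  if (requestedOwnerId !== claims.sub) return { ok: false, status: 403 };
  return { ok: true, ownerId: claims.sub };
}

// Builds a constructed sample token for trying the functions above.
function signSample(claims, secret, alg = "HS256") {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
  const h = enc({ alg, typ: "JWT" });
  const p = enc(claims);
  const s = createHmac("sha256", secret).update(`${h}.${p}`).digest("base64url");
  return `${h}.${p}.${s}`;
}
```

Only the `ownerId` returned by `authorizeRequest` should be used to filter the service-key query, since nothing in the database enforces that filter once RLS is bypassed.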