Mirroristas/pockethost
2
0
Fork 0
mirror of https://github.com/pockethost/pockethost.git synced 2025-07-06 12:52:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
pockethost/docs/rpc.md
Ben Allfree 994a0d2f4e enh: split dev docs out of user docs
2023-10-11 04:59:28 -07:00

1.5 KiB
Raw Blame History

title category description
Creating RPC Calls development Learn how to secure data modifications with PocketHost by creating Remote Procedure Calls (RPC). Our guide comprehensively covers how to produce new RPC calls, adjust the schema, and handle commands. Currently, only asynchronous executions are supported, with returns from RPC calls unavailable. Ideal for nodejs programmers seeking robust security measures.

For security, PocketHost does not allow modification of records by the frontend PocketBase client. Instead, the frontend must send an RPC request which the backend will securely process. This allows for many security vulnerabilities to be addressed which PocketBase admin security rules cannot. In particular, PocketBase admin security rules fall short in these scenarios:

  • When the incoming data cannot be validated declaratively
  • When multiple records and/or tables must be updated as a transaction
  • When side effects (ie, other mutations) are required under specific conditions

Therefore, PocketHost uses an RPC pattern instead.

Creating a new RPC Call

  1. From the command line, run npx hygen rpc new <FunctionName>. This will generate all necessary files for both frontend and backend support of your RPC call.
  2. Edit ./packages/common/src/schema/Rpc/<FunctionName>.ts to suit the schema you want.
  3. Edit ./packages/daemon/services/RpcService/commands.ts to respond to the RPC command

Getting the result from an RPC call

RPC results are currently not supported. RPC commands are run asynchronously.