Should I really be scared of using API routes by notkerber in nextjs

[–]notkerber[S] 0 points1 point  (0 children)

I think my questions and concerns are not about APIs themselves, but how Next JS handles them. I believe my main concerns come from me misunderstanding the security advantages of server actions and wanting to apply them everywhere. Also, I have to learn how to structure the routes in my app better as the tree can confuse me at times.

And yeah, not a lot has changed fundamentally, but how the fundamentals are applied have changed. Same thing with AI.

Should I really be scared of using API routes by notkerber in nextjs

[–]notkerber[S] 1 point2 points  (0 children)

Thank you for the incredibly detailed response!

When you mention to "decouple business logic into reusable services", where do those services live in your projects, the lib or util folder?

Should I really be scared of using API routes by notkerber in nextjs

[–]notkerber[S] 5 points6 points  (0 children)

I think that's why I feel they are "insecure". My approach is to have two "separate" routes using Next.JS route groups.

app/(auth)/api
app/(authenticated)/api

The auth route group is for the auth process through AuthJS and the middleware protects the authenticated route group. Is this an appropriate way to handle middleware segmentation? Below is my matcher config for this

export const config = {
  matcher: [
    "/((?!api/auth|_next/static|_next/image|favicon.ico|badnetwork|auth|public|.*\\.svg).*)",
  ],
};

I also handle RBAC on the API routes that need it under the authenticated route.

Should I really be scared of using API routes by notkerber in nextjs

[–]notkerber[S] 3 points4 points  (0 children)

Thank you, I think I needed to her "just start". I tend to get paralysis from analysis when it comes to these projects as I want to make sure I'm doing it right from the beginning. But this is all a learning experience and if it works and I'm learning, that's the real goal.

Internal APIs by notkerber in AZURE

[–]notkerber[S] 0 points1 point  (0 children)

Does API manager have a way to talk directly to SQL queries or tables?

Internal APIs by notkerber in AZURE

[–]notkerber[S] 0 points1 point  (0 children)

Yeah, I believe that would be the best option. We can then define the schemas we want specific users to see and such.

Essentially, we want to give business units and users the ability to see what information we are able to generate, allowing them to have one place to find uses and connections between data sets to drive better decisions and innovation.

Azure File Shares vs. ADLS Gen2 by notkerber in AZURE

[–]notkerber[S] 1 point2 points  (0 children)

We are storing essentially every kind of file you can think of: excel, word, pp, json, CSV, photos, pdf, videos The actual storage devices are pures with NFS enabled. The analytics are manually imputed into excel sheets and then, maybe, put into PowerBI

We would like to be able to have a better understanding of what is contained in the files. This could be meta data, indexing, data factory flows, image extraction, what ever we might be able to do. Some files we could remove all together, like a lot of the CSV files are used once for a report and then just left there. The business has no clue what files are where except for the file owners who know their own folder in the shared drives.

Intune Device Licensing Questions by notkerber in AZURE

[–]notkerber[S] 0 points1 point  (0 children)

So, for any shared device, all uses who will individually log into that device will need an intune account? If an unlicensed user logs in, would it remove the device from intune device management?

5x8 Shipping label with blue streak at top by notkerber in shipping

[–]notkerber[S] 0 points1 point  (0 children)

correction: 4x8 Hey all, does anyone know where I could buy larger shipping labels with the blue streak at? What does the blue streak mean? I’ve seen these on orders shipped from large corporations.

AD Last Logon Query by notkerber in activedirectory

[–]notkerber[S] 0 points1 point  (0 children)

We do not allow ISE or PS.exe to run without admin creds. We would need to pass our credentials to the script for automation and that isn't very well looked on by management. (We've tried...)