I have some simple project that based on 2 docker containers.
Containers are Apache servers - with static HTML files (without PHP).
Container 1: Public content.
Container 2: Private content - for registered users only.
The idea is that users enter to some link, lets say:
http://domain.com/HASH_ID
Then I need to route them to the right container. Users have tokens in their
localstorage(or cookies) - so that's way I can detect where I need to route
the user.
My problem is that I can't understand how to develop that router.
The issue is that I can't change to URL - so I can't create sub domains, URL
level or something like this... I need to allow to users copy urls and sends to
each other.
Please take a look to the attachment image bellow, maybe it will help to
understand the arch.
Related
I have a script that retrieves a webhook (meaning it has to be deployed as a publicly accessible App), and then uses an API to send a message.
The API requires using a key and secret, which I obviously don't want accessible to the public.
Q1: Is there a way to hide an API key/secret in another script and somehow have it accessible?
(Or any other similar solution - doesn't have to be fancy, just functional/safe).
Alternate Question:
Q2: What can a stranger actually see in my public Apps Script project? The full code? If I hide keys in a functions with an underscore ie. function name_(){}, can they read it?
IMPORTANT INFO: I have not 'shared' the project or spreadsheets with anyone, they're still private. But I've 'deployed' the Web App with permissions for 'anyone'. I assume that means anyone can access?
Everything in the script is visible to whoever has access (script owner, workspace admins, added users). Unless only the url of the webapp is shared and if the script itself is not shared then they are not able to access the script, so technically you can still keep them in your script. It is safe there and only the owner and workspace admins (if it is for Google workspace) can access it.
A way you can store/save the key is by storing it in script properties. Doing this you only need to run the script once to store the API key, moving forward you can remove the API key from the script and it will still run:
https://developers.google.com/apps-script/guides/properties#saving_data
Also refer to this post for more information, in my posted answer I have also provided alternatives and reference links:
Is it safe to put in secrets inside Google App Script code?
My project meet this issue, too. Because the amount of functions is not too much , So i hide my main GAS behind an dummy one .
So far I had 2 GAS
the main GAS with key , and all functions , and I deploy it as Web APP
Of cause u need doGet or doPost to do as entrance of API
The dummy one to share with users.
Then you can call something like below in dummy GAS
var url = 'https://script.google.com/macros/s/xxxxxxxxxxx/exec';
UrlFetchApp.fetch(url,{'method': 'get'});
I hope its useful in your case.
I want to build api route for my web app. I want to achieve something like this - http://api.localhost:80/home //I want this
Though I all found is to mount base uri as -
http://localhost:80/api/index //I don't want this
Anybody know how to mount base api route prefix before host?
What you are asking for is something called subdomains and it is a very useful thing that google implemented on its servers.
You can implement it in node.js (with express) by using a package called "express-subdomain".
Here is the npm page for it:
express-subdomain
I am using the MEAN stack for my project. I read online that it is not advisable to store image in the database itself and hence I am not doing that.
For solving this issue, now I have set up a local server (Using express) and I am serving my static image files from there.
Now I am able to use that image by using the URLs, for example:
http://localhost:4200/images/a.jpg
I am planning to host this express app eventually by using some service like heroku.
In my main website, I am achieving authentication(Sign In and Sign Up) by using MongoDb and NodeJs.
I want the images to be shown according to the specific logged in user.
Should I store my images in folder named by username of that user, so that I can genarate the URL string accordingly and access the image by :
http://localhost:4200/user1/a.jpg
Is the flow of my application correct? Is this the way I should be accessing the images for particular users?
I read somewhere that there would be a security issue because anyone having the url of the image can access it. I am not much concerned with security now as this a small project which is not meant for many users. But any suggestions for a way in which there won't be such a security issue would be helpful.
I am new to this and any advice would be helpful.
Thanks in advance.
You could use firebase for this .
Its super easy
Over there you could just create a folder with any name ans save all the images.
In the database you could just save their firebase generated link which can easily be mapped using a user_id or something like it.
I have 2 Ubuntu servers running on same location in digital ocean and the first one running as webserver(nginx) and the other one running as app-server(Nodejs)
Webserver sending request through private ip and as you guys can guess the app-server is not allow the direct requests.
My question is I have image/upload directory in the app-server such as : /srv/upload/user_images and I want to get those images from a web browser.
For example : www.myappserveripaddress.com/srv/upload/user_images/image1.jpeg
but the privilages would be the only image can be accessed from outside.None can access the /srv/upload/user_images/ to see the all images.
I dont know if its possible or not. Only if the user knows the image name , he can enter the ip.com/srv/upload/user_images/imageName.jpg . If this is possible what should I do ?
Not 100% sure I understand your question but in order to link the user to a certain set of images you could append to the name of the image the UserID.
If you have a database, each time a user uploads an image you can also save there just the name of the picture he saved, then when the image is saved in the filesystem you save it with the name {UserID}-{imageName}.jpg.
On his pictures menu he can easily see a list maybe of all the picture names he uploaded. These names are taken from the database and are not a link to a file on the server. Only when he clicks the image a request is constructed for a resource called /server/images/{UserID}-{imageName}.jpg.
The UserID here ensures you do not have duplicate image names in your server.
Hope this helps. If it is in any way wrong please let me know.
You must write an api and client between your servers. Logic is that: end user wants to access an image. Nginx (probably php) receives the request and creates a new request to nodejs. It checks the image path and returns the image to nginx, nginx returns image data to client.
I have site that is on another domain and iframe access will not work. The site on other domain is a questionnaire with series of questions. Once the questions are completed that site will give me a number.
My task is allow a user on my site to go over those questions and to be able to access that number.
How can I achieve that? I was thinking to spin up a node server and have it fetch the complete site and serve it to me, something like mediator. That way I will not have CORS issues.
Is it possible to stream the complete page along with css/js to my frontend (backbone app)? Run it in the window for the user. Upon completion it can send the answer back to node, so node can post it and return the number to me.
I am open to any suggestions :)