Do i use server components , actions over express JS for my App
i am building a chat app that will use socket io , mySQL database , next js , jwt for authentication as well , i was planning to use express js for the backend for my websocket server logic i was following the next js 14 tutorial they used server actions to submit form data for the new users and the rest of the App to their hosted postgre sql database is there any disadvantages for using server action and components for handling database logic over express js endpoints before i read the docs i was gonna handle both jwt , database logic with express js in the backend i saw this new react feature and i am a bit confused on which way to go and is it gonna work if i take the server actions components path ?
9 Replies
don't use express if you already have a nextjs app. Just create route.ts files.
JWT is a terrible authentication method, it's simply not made for web applications, stick to the standard, sessions. And server actions versus express.js doesn't really impact the site
JWT is ok if you implement it correctly
but it's hard to implement correctly
Coming back to the original question, server actions are a lot better because you don't lose typesafety
but they are serveless wouldn't that be a problem ?
why is it hard to implement correctly ?
because in most cases it is stored in local storage or some other place from which it can be easily stolen
is there a solution to that ?
OAuth/OIDC .. it's industry standard with identity, refresh and access tokens. There are 3rd party identity management platforms which implements the standards and you can leverage them for a fast solution. It's a complex topic with an entire industry around it.
Regarding actions or express backed it depends on each use case, I am using both. You could use just nextjs + actions probably, it simplifies everything which is what you initially should target for.
I see it as a matter of what is your target with the chat app... what are the requirements.
Server actions are still relatively new. I would recommend you use Nextjs api routes for your server instead of making a custom javascript server since that tech is built in.
"next-safe-action" or "zsa"
wats the recomendation and why ?
any suggesstions