Josh Grant
TTCTheo's Typesafe Cult
•Created by Josh Grant on 10/24/2023 in #questions
Am I making too many PrismaClient objects?
I am working on a multi-tenant application.
I have two separate routers. One for cross-tenant queries and mutations named
admin and one for individual facility data access named facility.
I created a Prisma extension to insert a where clause in all queries. The extension needs a facilityId from each request.
Because of this, I am calling the following code inside of createTRPCContext.
Does createTRPCContext run on every request to the API?
Am I creating a new Prisma client on every request?
My goal is to have cross-tenant data safety baked into the application. I want the API interaction from the front-end code to be very explicit.
api.admin.users.getAll() // Obviously a cross-tenant API call
api.user.getAll() // Obviously a single tenant API call
The admin router uses an adminProcedure that checks the database to ensure the user is actually an admin.
This application will be in a regulated environment so I will be hosting on AWS ECS and RDS.
Another option I am considering is Supabase and using RLS.
Thank you.2 replies
TTCTheo's Typesafe Cult
•Created by Josh Grant on 10/11/2023 in #questions
Consulting on HIPAA compliant T3 based application
I am an AWS Solutions Architect and web developer looking to setup HIPAA HIPAA-compliant infrastructure to host a T3 application in AWS.
Vercel is out due to not offering a BAA.
Amplify is out because my database is in a private subnet and I can specify what VPC the lambdas are in
I am looking into SST or running on ECS.
I am willing to pay for a few hours of consulting with someone who has gone down this road.
I am using:
- NextJS
- trpc
- Prisma
- RDS Aurora (Postgres)
- Clerk
Anyone who has been down this road want to make a few bucks by saving me some time?
Thanks.
28 replies