martinpopoff
TTCTheo's Typesafe Cult
•Created by martinpopoff on 5/23/2023 in #questions
t3 app with a need for a REST API reached by other locations
Hello, everyone!
I currently have finished work on a t3 app and everything is setup as per the client needs. (It is a small dashboard app for managing a few business-side tasks). Everything is amazing so far and I've loved working with t3 in prod.
However my client now has come with a new request: Some of the resources needs to be reached from outside locations (2 other websites) through a REST API to be used just for display. (Simple GET requests).
So right now I'm thinking if I should implement the logic in a NestJS or a simple Express app and have the external locations reach those endpoints or try and force tRPC to work with CORS. (I know that the point of tRPC is obviously not that but I just want to know if the dev experience is going to be okay)
As a footnote, I wanted to mention that the endpoints, reached by the external location may need to be expanded further down the line and more functionality to be added, so maintaining the two codebases (the t3 app and the potential backend app) will definitely be a small issue.
Thank you in advance for any help and responses!
6 replies
TTCTheo's Typesafe Cult
•Created by martinpopoff on 3/29/2023 in #questions
Prevent public database access (AWS RDS with Vercel)
I currently have a database setup on AWS RDS that I connect to from my app hosted on Vercel. However from this article - https://vercel.com/guides/how-to-allowlist-deployment-ip-address Vercel suggests that I keep my security rules open for all connections (0.0.0.0). This seems like a great security risk even if my database is not that large yet. Do I have to decouple my backend and put it in an EC2 instance and abandon backend type safety for that reason alone?
9 replies