CODEWITHSUNDEEP
sails.js
rablentain
rablentain

Reputation: 6715

Sails auto generated api in production

In Sails.js you can easily create an api and this will provide you with action, rest and a shortcut api. This is wery clear from a lot of sources on the internet. This is also very practical when setting up a new app.

One thing that don't seems very clear is what to do when deploying the application to production. I can't think of anyone who would like /user to be open for anyone to see...

I don't really know how to handle this, there is many routes that one might not want to be open in production. I can think of the following ways to solve it:

  1. close rest, actions and shortcuts in blueprints.js (which will remove all automatic apis), and then define them myself in routes.js.

  2. Add policies for every route that I want no one to see (I don't even know all the routes that is automatically created so this seems risky).

  3. Override all controller actions that should not be visible.

What is the right way to handle the routes that I don't want to have, when they are automatically created?

Upvotes: 2

Views: 182

Answers (1)

Alexander Petrov
Alexander Petrov

Reputation: 309

I don't like only your 3-rd method. I can suggest few methods:

  • Disable rest for all models in global blueprints configuration (config/blueprints.js) and enable it in needful models. Look overriding blueprints.
  • Yes, you can add policies to some blueprints. You can find list of all default blueprints ("routes that is automatically created") in blueprint-api reference.

Hope it helps you. Sorry for my english :)

Upvotes: 2

Related Questions