make tileserver endpoint accessible to third party hosts (may need to reconsider the "security" of this endpoint and what we want) - @ryangroth5

AmericanWhitewater / wh2o-vue

Interactive map and guide for whitewater rivers in North America

https://wh2o-vue.netlify.app/

9 stars 1 forks source link

make tileserver endpoint accessible to third party hosts (may need to reconsider the "security" of this endpoint and what we want) - @ryangroth5 #570

Open tallowen opened 10 months ago

ngottlieb commented 10 months ago

The tileserver is currently implemented by this SQL query in this Laravel controller:

https://github.com/AmericanWhitewater/wh2o/blob/development/app/Http/Controllers/API/TilesController.php

Worth noting (so that you don't bang your head against the wall) that it may require some functions that are created in PostGIS using this mapbox library. It did at one point, I'm not 100% sure now.

On the front-end, this tileserver endpoint is used anywhere we use the VUE_APP_NWI_TILE_SERVE environment variable. That's loaded into environment.nwiTileServer -- grepping "nwiTileServer" should get you the most up-to-date listing of where it's used. As of now, it's only actually used in the nwiMap component (which is reused in a number of places throughout the site):

https://github.com/AmericanWhitewater/wh2o-vue/blob/development/src/app/views/river-index/components/nwi-map.vue

ngottlieb commented 10 months ago

Also just to reiterate: the security concerns that led to the access control we currently have are only about our own data, not access to Mapbox or ESRI using our API tokens (both are whitelisted to AW domains so can't be stolen). Our main impetus was, and I think continues to be, to prevent someone like, say, a river outfitter turned app developer, from using our data without asking or reaching some kind of licensing agreement.

ngottlieb commented 10 months ago

@drewalth there may be some overlap between this and what you're working on given that both tasks involve connecting some serverless architecture to our existing DB

tallowen commented 10 months ago

I created an endpoint: https://tileserver.americanwhitewater.org

That hits the following code: https://github.com/AmericanWhitewater/aw-components/tree/main/js-packages/tileserver

There are a couple key things that we need to do with this code:

Get a prisma client going so that we can more easily query data
Actually write the endpoint to return the data
Configure cors etc with the serverless framework (I believe this should be easy enough)

tallowen commented 10 months ago

https://tileserver.americanwhitewater.org/ now returns data fetched by prisma and backed by the database. I believe the next step is just to add to the queries and return the correct data.