adam-cowley
commented
2 years ago It really depends on the purpose of the app. These hooks are only really suitable for use in internal-facing applications. The problem is that you either need to provide login credentials to Neo4j or hardcode them into the app which both have their own security implications.
If you are building an application that will be used by the general public I'd recommend building an API instead. This way the URL and connection details for Neo4j are kept a secret.
You could consider using the Neo4j GraphQL library or something like Neode. Or most recently, I have just added neo4j-driver as a dependency and used it to execute Cypher queries within an express app.
This project has an API built with Nest.js if you want something more powerful.
I hope that helps! Let me know if you have any more questions.
Hi, i'm new in Neo4j, i'm wondering about security and performance while directly access data from neo4j instead of build api server to handle all the CRUD works.
if i need to create a service, will you recommand use-neo4j or build api server ?
thank you.