etesync / server

The Etebase server (so you can run your own)
https://www.etesync.com
GNU Affero General Public License v3.0

Allow EteServer User Signup Through My Frontend Application only, disallow publicly. #154

Open SHoward-A opened 1 year ago

SHoward-A commented 1 year ago

I want to allow user signup in eteserver, but I do not want to allow this for anyone else (I mean do not allow it publicly, except for my front end application). What I have in mind is that I will create a new custom signup API and use some signature to make sure the request is coming from my front end application. After that verification, I want to sign up the user. I am not sure how to do this; I tried to explore the etebase python sdk so that I can replicate the functionality from there, but no luck.

Can anyone please guide me on how I can achieve this? Thanks in advance :-)

smac89 commented 9 months ago

Use a proxy and only allow the client's IP address. You can also use a cookie which is set by your proxy, then block all attempts to sign up which do not include this cookie. All of this can be done with Nginx.

tasn commented 9 months ago

At the end of the day though, it's fragile, as it trusts the user agent. There really isn't a way to do it other than playing cat-and-mouse games with people trying to circumvent it.
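
The proxy approach from the comments above, written out as an Nginx configuration. This is an added example, not part of the original thread or the Etebase project; the host name, addresses, upstream ports, cookie name, secret placeholder, `/app/` frontend location and the signup path are all assumptions to adapt to your deployment.

```nginx
# Added example; every name, address and path here is an assumption.
# These blocks belong in the http{} context of nginx.conf.

# Gate 1: source address (constructed address of the frontend's server).
geo $signup_ip_ok {
    default       0;
    203.0.113.10  1;
}

# Gate 2: cookie handed out by this proxy when it serves the frontend.
map $cookie_signup_gate $signup_cookie_ok {
    default                   0;
    "CHANGE_ME_RANDOM_VALUE"  1;
}

# Pass if either gate matches; keep only the "1:1" line to require both.
map "$signup_ip_ok:$signup_cookie_ok" $signup_allowed {
    default  0;
    "1:0"    1;
    "0:1"    1;
    "1:1"    1;
}

server {
    listen 443 ssl;
    server_name etebase.example.org;
    ssl_certificate     /etc/nginx/tls/example.crt;   # placeholder path
    ssl_certificate_key /etc/nginx/tls/example.key;   # placeholder path

    # Frontend pages: the proxy sets the gate cookie on these responses.
    location /app/ {
        add_header Set-Cookie "signup_gate=CHANGE_ME_RANDOM_VALUE; Path=/; Secure; HttpOnly; SameSite=Strict" always;
        proxy_pass http://127.0.0.1:3000;
    }

    # Assumed Etebase signup path; confirm it against your server version.
    # Prefix match so the path with and without a trailing slash is gated.
    location ^~ /api/v1/authentication/signup {
        if ($signup_allowed = 0) { return 403; }
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header Host $host;
    }

    # Everything else (login, sync) stays reachable without the gate.
    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header Host $host;
    }
}
```

The cookie value is delivered to every browser that loads the frontend, so the cookie gate only raises the bar, in line with the caveat in the last comment; the address gate holds only when signups are relayed by a server you control and Nginx sees that server's address in `$remote_addr`.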