idolpx / csdb-ng

Project to rebuild CSDb from scratch.
MIT License

Don't expose DB ids to the outside world #4

Open Nico-van-der-Zijden opened 2 years ago

Nico-van-der-Zijden commented 2 years ago

Add a Guid to the scener/releases/etc. so that it can be used to retrieve a specific release/scener etc. Also add created/modified/deleted columns for those kinds of tables.

idolpx commented 2 years ago

Ok... I'm going to split this into two individual requirements.
What is the reasoning for using a GUID rather than sequential IDs?

Nico-van-der-Zijden commented 2 years ago

You should use both in your DB, where the id is the pk. You can use the id server side, but when exposing the data through an API you should use the guid instead of the id. It's more of a security thing: if you expose the id of a record, someone can easily decrease/increase that id and possibly retrieve data which they shouldn't; guessing a correct guid is a 'bit' harder.

idolpx commented 2 years ago

That makes sense. I guess we need to define what information should not be accessible. I don't think there is anything about a release, group, scener, handle, event, bbs, or sid that needs to be protected.

Of course a user's login info would need to be protected when logging in via the API.

idolpx commented 2 years ago

I've added "uuid" to the major types in the schema.
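
The pattern discussed in this thread, as an added example that is not code from the csdb-ng project: the integer id remains the primary key for server-side use, while the API accepts and returns only the uuid. The `release` table, its `name` column and all function names are hypothetical; SQLite stands in for whatever database the project uses.

```python
import sqlite3
import uuid

# Hypothetical table: the integer id stays the primary key for joins,
# the uuid is the only identifier that ever leaves the server.
SCHEMA = """
CREATE TABLE release (
    id       INTEGER PRIMARY KEY AUTOINCREMENT,
    uuid     TEXT NOT NULL UNIQUE,
    name     TEXT NOT NULL,
    created  TEXT NOT NULL DEFAULT CURRENT_TIMESTAMP,
    modified TEXT NOT NULL DEFAULT CURRENT_TIMESTAMP,
    deleted  TEXT              -- NULL means the row is live (soft delete)
);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.row_factory = sqlite3.Row
    db.executescript(SCHEMA)
    return db

def add_release(db, name):
    """Insert a row and return its public identifier (random UUIDv4)."""
    public_id = str(uuid.uuid4())
    db.execute("INSERT INTO release (uuid, name) VALUES (?, ?)", (public_id, name))
    return public_id

def soft_delete(db, public_id):
    db.execute(
        "UPDATE release SET deleted = CURRENT_TIMESTAMP, "
        "modified = CURRENT_TIMESTAMP WHERE uuid = ?", (public_id,))

def get_release(db, public_id):
    """API lookup: accepts only a well-formed UUID, never the integer id."""
    try:
        canonical = str(uuid.UUID(public_id))  # normalises case and braces
    except (ValueError, AttributeError, TypeError):
        return None  # "1", "2", ... are rejected before any query runs
    row = db.execute(
        "SELECT uuid, name, created, modified FROM release "
        "WHERE uuid = ? AND deleted IS NULL", (canonical,)).fetchone()
    # Columns are selected by name, so the internal id cannot leak by accident.
    return dict(row) if row else None
```

For records that do need protecting, the lookup would still be paired with an authorization check; the uuid only removes the ability to walk the table by counting.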