Closed jacobsamo closed 8 months ago
Dealing with authenticating the API and also keeping it safe from attackers is import.
This is why an approach of using JWT
or hashing response body is import
For routes that is dealing with user data will be sent back using JWT
and i think this is the best way to deal with all other authenticating.
TODO:
/users/*
need to be sent back using JWT
authorization
header to be using JWT
to send to the server and then decrypt /recipes/create
and /recipes/[id]/edit
authenticate who is actually updating to make sure it is the person is lastupdated or person who owns the recipe
There is so much business logic that needs fixing and is so important for users so the app flows a little nicer and fix pain points such as documentation, API for developers and in-app consistency and SEO for better user.
Fix / add these tickets:
Legal documents
beta
and info about importingDocumentation
UI / UX
Overall:
Recipe Form:
Imports:
Main page:
Recipe page:
Sign in / Sign up / Users
User profile
SEO, PWA
Preact
/recipes/[id]
and main pages make it revalidate every day with data and statically buildAPI's
tRPC
andReact Query
Recipes
tRPC
for importing recipes from a URLUpdate types
.$type
for JSON columns