-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🚀 Feature: Refactor & Rename Dart Server Api #3613
Comments
Thank you for raising this issue! 🙏 A great deal of our documentation differentiates between Client and Server SDKs and APIs (eg. SDKs and Databases API). It's also important for us to emphasize the Server SDKs/APIs are to be used server side only and not in any client application because doing so poses a security risk. Is there any place where we should work to better explain the difference? For the Appwrite Dart SDK, we emphasize in the readme:
What can we do to make that clearer? |
About the security risk. The folks using appwrite are pros and let them decide on the risk. For example, logging into many systems as 'superuser' or 'admin' is clearly a risk. After fair warning, the supervisor is on his own. As your own docs point out at https://appwrite.io/docs/getting-started-for-server. |
🔖 Feature description
Rename the Dart Server client to something like 'Dart Superuser' client, also refactoring (renaming) the classes to prefix (or suffix) the common class names with 'su', like SUAccount or AccountSu (or whatever).
🎤 Pitch
For a newbie or even a pro, when seeing the many aw client SDK's, it is easy to assume that a 'server' client is for my (http or whatever Dart) server that is also a client to the Appwrite server. Hence, when certain functions are restricted from the normal client, but do exist in the server client, I need to decide if it's worth for me to spin up a http server just for this or that feature.
For example, creating collections from the aw client, seeing that a 'server' client can do it, doesn't help me too much. (Because I incorrectly assumed that it meant an http server of my own.)
Now, this server (superuser) client IS indeed the right way to go, but the naming clashes is still a problem.
Hence, this feature request.
👀 Have you spent some time to check if this issue has been raised before?
🏢 Have you read the Code of Conduct?
The text was updated successfully, but these errors were encountered: