How We Securely Implement Server Action?
Answered
American black bear posted this in #help-forum
American black bearOP
How can we securely implement a server action that requires passing userId as a parameter, considering the potential risks of unauthorized access through network requests?
For example
Edit Name with server action
we need to pass userId and newName to server action
but it can make a network POST request, so anyone can curl to our server action
For example
Edit Name with server action
we need to pass userId and newName to server action
but it can make a network POST request, so anyone can curl to our server action
8 Replies
Answer
@American black bear How can we securely implement a server action that requires passing userId as a parameter, considering the potential risks of unauthorized access through network requests?
For example
Edit Name with server action
we need to pass userId and newName to server action
but it can make a network POST request, so anyone can curl to our server action
POST request? are you talking about API route handlers?
API route handlers are different from server actions
@James4u POST request? are you talking about API route handlers?
American black bearOP
i mean like that
@James4u https://nextjs.org/docs/app/building-your-application/authentication#protecting-server-actions
American black bearOP
this what i'm looking for btw
thanks
@American black bear don't forget to mark it solved 🙂
@James4u <@824302687814287360> don't forget to mark it solved 🙂
American black bearOP
thanks