Poor Man's Back End-as-a-Service (BaaS), Similar to Firebase/Supabase/Pocketbase

throwaway984393 3 days ago|

[dead]

theyknowitsxmas 3 days ago||

This screams regex injection

zserge 3 days ago|

You might be right, but the only place where regexps are applied in code is for validating resource text fields (which is optional). Those regexps are defined in read-only schemas by the developer (if needed). Schemas are immutable. There seems to be absolutely no connection between the data transmitted over the API (i.e. what user can inject) and regexps. I'm not dismissing the idea that there might be plenty of other possible vulnerabilities in other areas of this toy project.

jonstaab 3 days ago||

Alternatively, you could use nostr, have your users pay for the database, and get access to rich content types, an existing social graph, and application interoperability.

animitronix 3 days ago||

Sorry, that acronym is already in use for banking as a service. Try again.

Syzygies 2 days ago|

So let me get this straight. You read "back end as a service" and your mind went to BANKING?

riigess 3 days ago|

Calling this a Poor Man’s backend isn’t even the wrong name for it. Admittedly, this is what I’d expect from a Sophomore in University.

To the others arguing you should’ve stored the data as a binary, might as well have created an API wrapper around SQLite at that rate and called it “JASW - Just Another Sqlite Wrapper”.

@ OP - what was the inspiration for the project? Were you learning DBs or intending to use this in a production environment for a chat session with GPT or something? Would love to help you improve this, but we’d have to understand the problem we’re trying to solve better.

eatonphil 3 days ago|

zserge is one of my favorite authors and programmers.