API calls from CLI | (INACTIVE) Learn Build Teach | Page 1

summer oxide May 6, 2023, 6:26 PM

#

Hi guys! I was building a CLI tool and thought about creating an API to store some data, but I started wondering: How can I make it so the endpoint is not exposed?
In the web, we can save these as ENV VARS in the server, but in a CLI application that will be sent to NPM, how does that work?
I believe if I hardcode it, if the user install my NPM package and goes into the dir that has the code, the user will be able to see the endpoint, right?

runic arrow May 7, 2023, 4:13 PM

#

Client side code can't hide the network location of the call, you could do some kind of auth or check to endpoint A, that returns the location of endpoint B, the client can then use endpoint B. But clients always have knowledge of where they are sending requests.

#

anything client side should be assumed as readable.

#

In cases where you need to prevent public access to an endpoint, you have to create an isolated network, where users are authenticated to that network, and the server side resources only allow access from specific IPs on that private isolated network.

summer oxide May 8, 2023, 3:07 PM

#

I see I see, thank you so much @runic arrow ! 🙂

runic arrow May 8, 2023, 3:19 PM

#

No prob. Client server architecture patterns ARE the web.

#API calls from CLI