@@TuomoKankaanpaa In my case I have a round handler called translate-text, Now when I call it on my website it shows up in the network tab, so If a tech-savvy person copies its cURL and tries to call it from Postman he will succeed.
@Su47Goldeneagle so you would like some kind of authentication to it? I have videos about protecting api routes and nextjs auth you should check them out I think they will be helpful!
@@TuomoKankaanpaa Yes, I thought authentication would solve the problem, but it didn't. I'm using Supabase authentication which is similar to NextAuth. However, a logged-in user can copy the cURL of the endpoint and paste it inside Postman, allowing them to abuse my API by using their embedded authentication from the cookie.
@Su47Goldeneagle but since the user already has rights to use your api, i’m not sure why does it matter if they do it from the browser or from postman?
Hey Tuomo, always happy to watch your videos. I had forgotten about the import trick instead of directly linking the public path, thank you for the reminder
This video was very informative. I am making my first project in next.js and i was facing issue with theme in it. with your video my all isssue are resolved. Thanks a lot!!
Bro am a junior software developer I want to work in Finland waht is the most in demand technology there I should learn and what do you think about Finland talent boost program ✨
sir plss make a video on django websocket and redis deployment on vercel🙏🙏sir i really find this video in whole youtube but i am unable to find it... Help me as soon as posible😓
Thanks a lot Tuomo for this video. It's a lot clearer to me now how to implement role based authorization in Next.js. My only question is how to do this with email password authentication instead of Github authentication. Greetings, Anthony
Which tool do you use ? I'm doing the same mistake right now lol, not that familiar wjth figma srill trying to create wireframe with it. Now it has turned into a prototype lmao 😂
@@TuomoKankaanpaa I would say that the blogging experience is pretty smooth, too! I only spent time in the beginning to customise my theme. If I want to add a blog post, I use a command to scaffold the .md file and that’s it.
@@TuomoKankaanpaa It was just a joke based on popular hate of the language, I would say that this is happening because of the messy implementation of JavaScript that causes a lot of confusion and weird errors. This may have happened because the first version of JavaScript was written in just a few days.
I wonder if they'll put some notifications like permission to use AI by the browser (similar to microphone / camera), or some notification that shows if the AI is active? Otherwise, I don't think there's anything from stopping websites, or even malicious UI libraries to execute AI tasks using your computer's resources
I totally agree too, I just got back from one and I am excited to share everything that I learned on a video! It's a great way to get that local support from the community near you to help you break into tech as a newbie.
@@TuomoKankaanpaa Hi Tuomo, I found out there is a caching problem when using such const result = await sql`Select * From posts;`; I used cookies() to make every query up-to-date, is there any other ways we can deal with it? Otherwise the users won't see the newest data, thanks!
Let's be clear, writing blogs and building blog website (via code) are two different skills sets. You have to prioritize between practicing coding VS wiring blogs/sharing something. As a SDE, if you want to start a blog and write something. You do not need to build a blog from scratch. Cause this will distract you from the main purpose. If you want to practice your coding skills or have a side project - go ahead. And built a blog website is just one of them.