-
Notifications
You must be signed in to change notification settings - Fork 382
Potential Questions
This is a list of questions that new users could potentially raise when working with DeepStream.
Q: The tutorial states it's best to use UIDs as record identifiers. If I use a UID as the record identifier for a user instead of username, what's the best way to lookup that user record during authentication? The reason for asking is because the main search plugin seems to be specific to RethinkDB.
Q: I understand that the DeepStream client library is used in the browser and on the server. How can I keep server-side event messaging private among agents on the NodeJS backend without these messages being exposed to all of the browser clients?
Q: Is it possible to monitor or intercept any kind of message on the server? Is canPerformAction currently the only way to realize this? Or does the client API support client.on("message").
Q: The DeepStream client library seems to be used in the browser frontend and in NodeJS on the backend. What's up with that? Why would I want to use a client library on the server? A: Scalable modules.
Q: Potentially there will be a lot of security handling code to implement inside canPerformAction on the server. Has anyone written a plugin for permissions and canPerformAction?
Q: As I create new records using record.getRecord(), do they automatically get added to lists or do I have to use list.addEntry to manually add it?
Q: Why do lists contain references to record identifiers instead of actual records themselves?
Q: How do I go about locking down my DeepStream server later so that clients can not create arbitrary tables in the database when records are created.
Q: When I create a new record, why does DeepStream emit a create_or_read action instead of separate actions for create or read? I would like to enforce that a specific client is not permitted to create new records. How can I do this if I never see the ACTIONS.CREATE action being called?
Q: I see a message in the Node console: "You can catch all deepstream errors by subscribing to the error event." It had actually encountered an ACK_TIMEOUT error. But why does this cause the server to crash? If I truly need to catch this error to prevent the server from crashing, do I need to catch the error in every client connection or do I catch it on the server somehow?
Q: I want to be able to associate a new record with the user who created that particular record. How can I create a hook on the backend to be able to attach the username of the user who created a particular record? I suppose that this ought to happen on the backend as to not trust that a particular frontend client connection would properly attach the correct username. Does deepstream need a server mechanism which is more broad than the PermissionHandler? Is it currently possible to rewrite an incoming message, for example, to insert a username into a record? Or should messages always contain a reference to the senders (username) of the message?
Q: Once I signin to a client connection, is there a way to later lookup the username via deepstream or do I need to retain a reference to the username?