I was thinking of a “new” way to connect apps/servers that are both “secure” and enables fast development (node.js). The whole idea is to
* Define functions on a server. Each function belongs to a certain group.
* let clients/apps register to different groups.
* let clients/apps “run” these functions on the server
* Send back the response/return value of the functions back to the client
Example: 1. On the server: RunRest.define(‘adminGroup’,save_data_to_db(gData) => {await mongoDb.saveData(gData); return ‘OK’}
2. On the client: RunRest.run(save_data_to_db(‘hello world’)) // If the client is an in adminGroup => the server will run the function and send back the reposne.
I have implemented an example class (named RunRest), code available at : https://github.com/noah155/RunRest
The goal is to
- quickly include this class both on the server and client/app side
- Add groups and functions on the server
- Run these functions on the clients
- No need to care about authentication, and authorization as it is done in the background Notes:
The class should be possible to use both in the server and client code
- It is a lightweight, only REST requests supported
- It is not fully functional yet but should be soon
Now to the questions:
- Is this a “good enough” way from a security point of view?
- Is this “good enough” from performance point of view? (lets skip sockets and assume REST communication is enough)
- Is there any similar service/OSS code already out there? other thoughts
Feel free to add/update