oushu@simon ~ % otool -L postgrest postgrest: /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1252.0.0) /usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.11) /usr/local/opt/postgresql/lib/libpq.5.dylib (compatibility version 5.0.0, current version 5.10.0) /usr/local/hawq/lib/libiconv.2.dylib (compatibility version 7.0.0, current version 7.0.0)
hostto not show
localhostand the port
3030, but simply the subdomain? And since it is secured with https (http will be redirected to https in nginx), how do I set the scheme to reflect that? The reason I am asking is that e.g. Redocly pulls the information from there and hence the documentation would always point to localhost with a http connection :-(
Thanks for the quick reply, I have read the article.
From my understanding, the user needs credentials to write the data, but they can read the data even without the credentials, using the credentials provided in the postgrest config file.
If this is true, then there is a risk of data leak
I was wondering how I could use Queries? I want to use PostgREST in Combination with PostGIS and you need to use a specific query to get a GeoJSON output. Is it possible to this using PostgREST? An example query would be:
SELECT ST_AsGeoJSON(subq.) AS geojson
) as subq
im considering how to best do auth via Firebase and postgrest.. Either i
1: set the jwt-secret to contain the JWK key set from Firebase and update that daily as Google rotates keys, have a Cloud Function for Firebase that adds a "role" field as a custom claim as new users are being created
2: write a function in postgresql called get_bearer_token(firebase_token), that can validate firebase tokens, and return a signed jwt token with from a regular jwt secret, that the client can use as a bearer token.
QUESTION: From the decription on SQL user mangement in the PostgREST docs: What role attributes and memberships do I need to set in a multi developer environment? I have a
todos table with RLS, which shold be exposed as a view in the
api schema, however transfering ownership of that view with
ALTER VIEW api.todos OWNER TO authenticator; fails with
must be member of role "authenticator".
I have collected the entire process of what I did here, it also includes all SQL commands and futher descriptions: https://boostnote.io/shared/6cd93975-c0b2-4342-8c43-c0f901b5f033