The documentation does not describe how to separate Backend and Frontend logic.
On the server side, I want to make requests to the CMS Rest API containing secret keys in headers, and on the client side, transfer data for filtering requests to the CMS API.
How can this be implemented in Luna Park?
Components, pages and stores are always on the frontend.
Routes, databases and crons, are always on the backend.
If you need to store secret keys, I suggest using a config file and making sure to put the scope on “backend”.
This will make sure that this file is only compiled for backend (and is inaccessible from the frontend)
Now, you’ll have to create a route to perform the task and call it from the frontend.
- Create a Script file and set the Backend Scope for it.
- Does it matter in which folder of the project this Script is located?
- Is it safe to keep secrets in the config file, with git push it will be available in the shared repository? Should these parameters be passed to .env during deployment?
Does it matter in which folder of the project this Script is located?
Nop, you can put it anywhere. I like to thing that the same stuff should be in the same folder, like the component and the route it’s using. But if you prefer, you can create a “frontend” and a “backend” folder.
Is it safe to keep secrets in the config file, with git push it will be available in the shared repository? Should these parameters be passed to .env during deployment?
For now, Luna Park does not support .env, so you’ll either have to edit the .js file generated before deploying (and put a placeholder value beforehand), or save your actual secret key on git.
Saving a secret key in a private git repo is not necessery bad, but depending on your deployment method, it might be better to use env (which admittedly are not supported yet by Luna Park).