User metadata hidden from user

Is it possible to store user metadata only accessible to Netlify Functions? That is, not included in app_metadata or user_metadata sent to client upon login.

You can store anything you like in a function - we don’t allow “download” of that source code by visitors, so it is a safe place to store sensitive data. Not sure what your data source is, but you could hardcode it directly (for instance: GitHub - depadiernos/token-hider-inator: A token/key obscuring function for API calls using Netlify functions.), or you could make an API call from your function to retrieve e.g. a userID from a server of yours, based on something about the visit (e.g. a cookie set).


Thanks,

My data source is FaunaDB. The function I’m setting up is serving as a graphql endpoint using schema stitching that forwards some requests to FaunaDB.

The information I would like to keep track of is the individual users' FaunaDB access tokens. In theory there could be thousands of those. But since functions are supposed to be stateless (right?), storing that data at the function level is probably not a good idea. Unless there is some sort of session storage available to functions?

Yea, you won’t want to store a large amount of data in a lambda function, nor is there any session storage. What you’ll probably want to do is store your information in your database and use a lambda function as a ‘go-between’ to access that database. This ‘go-between’ approach is just so you don’t have any API keys in your client-side code.

Let me know if that makes sense.


That makes sense, thanks. The setup you are describing is the one I’m using right now, with a lambda function serving as “go-between”. The lambda function needs to have access to each user's individual access token before doing the “go-betweening” though. Possibly I’ll set up a Redis db as “session store” for keeping track of that data.


Let us know how you end up approaching this - that’ll definitely be interesting for other people.
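
The “go-between” setup discussed in this thread, as an added sketch (not code from any of the posters or from Netlify): the function identifies the caller from `context.clientContext.user`, which Netlify populates from the verified Identity JWT, looks up that user's database token server-side, and returns only the query result. `makeHandler`, `tokenStore` and `forward` are hypothetical names; the store stands in for Redis or a database table and `forward` for the FaunaDB request.

```javascript
// Added example. Stand-ins (assumptions): `tokenStore` is any async key/value
// store (Redis, a database table); `forward` sends the query upstream.
function makeHandler({ tokenStore, forward }) {
  // Same (event, context) signature as a Netlify Function handler.
  return async function handler(event, context) {
    // Netlify fills clientContext.user only after verifying the Identity JWT
    // from the Authorization header; never take a user id from the body.
    const user = context && context.clientContext && context.clientContext.user;
    if (!user || !user.sub) {
      return { statusCode: 401, body: JSON.stringify({ error: 'not logged in' }) };
    }
    // Per-user database token, looked up server-side by the verified id.
    const dbToken = await tokenStore.get(user.sub);
    if (!dbToken) {
      return { statusCode: 403, body: JSON.stringify({ error: 'no database access' }) };
    }
    let query;
    try {
      query = JSON.parse(event.body || '{}').query;
    } catch (err) {
      query = undefined; // malformed JSON is handled as a missing query
    }
    if (typeof query !== 'string') {
      return { statusCode: 400, body: JSON.stringify({ error: 'missing query' }) };
    }
    // The token is used for the upstream call only; just `data` goes back.
    const data = await forward(query, dbToken);
    return { statusCode: 200, body: JSON.stringify({ data }) };
  };
}

// Constructed sample data for a local run (not real tokens or user ids).
const sampleStore = new Map([['user-123', 'constructed-db-token-abc']]);
const sampleCalls = [];
const sampleHandler = makeHandler({
  tokenStore: { get: async (id) => sampleStore.get(id) },
  forward: async (query, token) => {
    sampleCalls.push({ query, token }); // records what would go upstream
    return { ok: true };
  },
});
```

In a deployed function file the returned handler would be exported as `exports.handler`.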