Hello fellas.
I was thinking of a “new” way to connect apps/servers that are both “secure” and enables fast development. The whole idea is to
- Define functions on a server. Each function belongs to a certain group.
- let clients/apps register to different groups.
- let clients/apps “run” these functions on the server
- send back the response/return value of the functions back to the client
Example:
1. On the server: teleport.define(‘adminGroup’,save_data_to_db(gData) => {await mongoDb.saveData(gData); return ‘OK’}
2. On the client: teleport.run(save_data_to_db(‘hello world’)) // If the client is an in adminGroup => the server will run the function and send back the reposne.
I have implemented an example class (named Teleport), code available at : https://replit.com/@schooltoolsone/Teleport?v=1
The goal is to
- quickly include this class both on the server and client/app side
- add groups and functions on the server
- run these functions on the clients
- no need to care about authentication, and authorization as it is done in the background
Notes:
- The class should be possible to use both in the server and client code
- It is a lightweight, only REST requests supported
- It is not fully functional yet but should be soon
Now to the questions:
- Is this a “good enough” way from a security point of view?
- Is this “good enough” from performance point of view? (lets skip sockets and assume REST communication is enough)
- is there any similar service/OSS code already out there?
- other thoughts