Absolutely awesome! And I'm talking about the webhooks portion. I;m still in search of a tutorial showing user roles and pernissions in Clerk. Thank you
Hi! Loved the tutorial. I have a newbie question. Will Clerk middleware also protect the server actions, or can anyone with the server action ID access your actions using tools like Postman?
Hey great tutorial, I have a question, since the action to delete a todo item doesn't validate the user does it mean that any user can delete any todo item by just calling the API with the id? export const deleteTodo = async (id: number) => { await db.delete(todos).where(eq(todos.id, id)); revalidatePath("/"); };
Server action are auto protected, means external apps like postman etc. can’t trigger server action to delete any note. Server actions are not APIs in terms of it accessibility as there is no url of server actions just like apis.
Can you please make a video for single sign on, like centralised authentication website using next-auth, without any workos or any paid library for multiple saas website
It breaks around 12:50 when trying to generate, says that Error: Cannot find module 'dotenv/config'
Make sure you are using same versions of techs as I am using. Otherwise you can refer to docs and this is what I do.
you need go to terminal npm i dotenv before npx drizzle-kit generate
Absolutely awesome! And I'm talking about the webhooks portion. I;m still in search of a tutorial showing user roles and pernissions in Clerk. Thank you
Hi! Loved the tutorial. I have a newbie question. Will Clerk middleware also protect the server actions, or can anyone with the server action ID access your actions using tools like Postman?
Server actions are not directly exposed through any url like actual api, so no body can trigger server action functions directly from postman
Hey great tutorial, I have a question, since the action to delete a todo item doesn't validate the user does it mean that any user can delete any todo item by just calling the API with the id?
export const deleteTodo = async (id: number) => {
await db.delete(todos).where(eq(todos.id, id));
revalidatePath("/");
};
Server action are auto protected, means external apps like postman etc. can’t trigger server action to delete any note.
Server actions are not APIs in terms of it accessibility as there is no url of server actions just like apis.
@@ProgrammingwithUmair321 got it, I could see it in the network tab so I thought anyone could make an API call.
For those who search how to link clerk database with your own database : 1:11:23
dadabase !. Love the tutorial ❤
Can you please make a video for single sign on, like centralised authentication website using next-auth, without any workos or any paid library for multiple saas website
Now it's my request. Please make an ecomerce website which should be based on MUI and NextJs not any other css please
with typescript redux and react query tanstack tables
I am your first viewer.
so many youtubers using so many databases mf not inteesred in learning every thing