Say I need a serverless function to handle some stuff before/after calling a UDF that can’t be done in frontend code (i.e. sending emails with SendGrid would require exposing a sensitive API key in frontend code, so it must be handled by a backend/serverless function). How would you go about enforcing permissions and security in this scenario?
One way I thought of could be calling a UDF from the frontend that only acts as a security check by using Identity() to make sure that the user has the required permissions and then making a request to the serverless function from within that UDF. This obviously costs double though (2 UDF calls, one from frontend and one from serverless), and still doesn’t make me feel safe because the serverless endpoint could be discovered and used maliciously, bypassing the frontend check.
Another way could be making a request to the serverless function directly from frontend code and including something that the serverless function would then use to make the permissions check, but I’m stumped on what that would be. I’m guessing KeyFromSecret is what should be used in the serverless function to check that the token associated with the secret passed in belongs to the correct user, but is it safe to send the user’s secret?
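One way to realise the second approach described in the post, shown as an added example that is not part of the original post: the serverless function forwards the user's own token to the database, so the UDF call itself is the permission check and only one UDF call is made. `queryAsUser`, `sendEmail`, the UDF name `prepare_order_email` and the token values are assumptions, and constructed stand-ins replace Fauna and SendGrid so it runs offline.

```javascript
// Added example. queryAsUser and sendEmail are injected (hypothetical) helpers;
// with the faunadb JS driver queryAsUser would be roughly:
//   new faunadb.Client({ secret: token }).query(q.Call(q.Function(name), args))
function makeHandler({ queryAsUser, sendEmail }) {
  return async function handler(req) {
    // The frontend sends the user's own token, never an admin/server key.
    const match = /^Bearer ([\w-]+)$/.exec((req.headers || {}).authorization || "");
    if (!match) return { status: 401, body: "missing token" };
    let mail;
    try {
      // Single UDF call, run with the user's token: Identity() inside the UDF
      // is the caller, and the token's role decides whether Call is allowed.
      mail = await queryAsUser(match[1], "prepare_order_email", [req.body.orderId]);
    } catch (err) {
      return { status: 403, body: "forbidden" }; // invalid token or no privilege
    }
    // Recipient and content come from the UDF result, not from the request,
    // so the endpoint cannot be used to mail arbitrary addresses.
    await sendEmail({ to: mail.to, subject: mail.subject });
    return { status: 200, body: "sent" };
  };
}

// Constructed stand-ins for Fauna and SendGrid so the example runs offline.
function makeFakes() {
  const tokens = { "tok_alice": { email: "alice@example.com", orders: ["o1"] } };
  const sent = [];
  return {
    sent,
    queryAsUser: async (token, udf, [orderId]) => {
      const user = tokens[token];
      if (!user || !user.orders.includes(orderId)) throw new Error("permission denied");
      return { to: user.email, subject: `Order ${orderId} confirmed` };
    },
    sendEmail: async (msg) => { sent.push(msg); },
  };
}

async function demo() {
  const fakes = makeFakes();
  const handler = makeHandler(fakes);
  const req = (auth, orderId) => ({ headers: { authorization: auth }, body: { orderId } });
  const statuses = [
    (await handler(req("Bearer tok_alice", "o1"))).status,  // owner of o1
    (await handler(req("Bearer tok_alice", "o2"))).status,  // not her order
    (await handler(req("Bearer tok_forged", "o1"))).status, // unknown token
    (await handler(req(undefined, "o1"))).status,           // no token at all
  ];
  return { statuses, sent: fakes.sent };
}
```

The SendGrid key lives only inside the real `sendEmail`, and a caller who discovers the endpoint still needs a valid user token with the privilege to call the UDF.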