Approaches to server side form validation - toddle x Supabase
Hey , folks . Has anyone got any tips /tricks on how best to handle form validation server side when using toddle x Supabase ? Is the answer to use Supabase Edge functions or CloudFlare Workers for this ? Table constraints and RLS policy checks will only get you so far and I 'm conscious of ensuring forms are properly validated , while reducing as much repetition fron end and server -side as possible . Well , front end is for UX but need to ensure server -side is done as well . For example , I could make a post request from Postman and bypass the front end potentially introducing bad data , so need to handle potential situations where bad data might sneak through as front end validation is not solely reliable . Plus thinking about future improvements . Where other forms will be required . The only one you can 't really authenticate as easily would be a sign -up form or rather public forms in general Sometimes people also save those type of forms to a temporary DB from which they clean /validate then pass to the main DB Aye . The use -case I have (and maybe it needs improved ) is the profile . On signup , I create a record in the profile table with the user 's auth id and email generated on signup . In order to create the record using a trigger function , other fields like first name , last name , etc . , need to be null in order for the insert to work (there may be a way to improve that ) . The idea being fast signup without creating your profile completely immmediately . However , in order for your profile to be public , it needs to be complete . I can implement front end validation to ensure everything is checked before posting but that doesn 't mean someone could get around it by hacking the developer tools or something . Or I implement something that allows it without noticing . It 's unlikely someone would go around the houses for something so trivial but don 't want to make it an option . π But it is how we grow as devs
