refetching on client side?!
hey, I use react query and graphql client in a next app to fetch data from contentful. I wonder if I need to have the token publicly available in order to use react query due to the fact the revalidating of the states is happening on the client side?! Or am I misunderstanding something here? I am just concerned about having the access and previewtoken written in the client bundle?! Any ideas?
4 Replies
sensitive-blue•3y ago
You can create your own API route that react query would call. And that API route would talk to contentful and use the token (in the backend).
ratty-blushOP•3y ago
so serverless functions would be the correct way here?!
sensitive-blue•3y ago
Regardless of whether you use react query or not, if you don't want to expose your token to the frontend you'll have to create your own intermediary api... One thing to check is whether the token is safe to be sent to the frontend (only the provider can tell you that). If that token is private (not a public key), I don't see another option.
rare-sapphire•3y ago
I think Contentful keys are fine to be exposed on the client, but check this. As above, the only way to avoid this is with an intermediary backend