Hey, I’m using my own express server hosted on my vps to handle request for database updating, and t

Hey, I’m using my own express server hosted on my vps to handle request for database updating, and then making the requests on my worker to update things in my database (mongodb)

What is a good way to authorise this? To make sure no one can make random PATCH requests for example? Atm, I’m just using an authorisation header with a random string and then checkin that on my express server. Is there a better way?

.gwapesOP•11/20/23, 12:04 PM

It’s only for something small so it doesn’t matter really but it’s more of a learning thing

..gwapes Hey, I’m using my own express server hosted on my vps to handle request for data...

Hello, I’m Allie!•11/20/23, 12:05 PM

Create a DNS record for it, then put the Worker on top.

Hello, I’m Allie!•11/20/23, 12:06 PM

Then all requests hitting your origin have to pass through your Worker first, where you are free to accept/deny

.gwapesOP•11/20/23, 12:07 PM

So I’d check if it was a patch, and the route was the specific route that would be on my express server?

..gwapes So I’d check if it was a patch, and the route was the specific route that would ...

Hello, I’m Allie!•11/20/23, 12:08 PM

That, or just never pass a request back to your origin unless it is you making a DB request

.gwapesOP•11/20/23, 12:08 PM

And how would I make sure it was my worker

.gwapesOP•11/20/23, 12:09 PM

Also, is it not very optimal to just have an authorisation header?

..gwapes And how would I make sure it was my worker

Hello, I’m Allie!•11/20/23, 12:10 PM

You could use a Tunnel, and then not expose the server at all

..gwapes Also, is it not very optimal to just have an authorisation header?

Hello, I’m Allie!•11/20/23, 12:11 PM

You can, but with this method, you literally can't hit the origin at all(barring any issues on CF's side), while with the Auth Header method, a bad actor can still hammer your DB with requests, even if they aren't authorized

.gwapesOP•11/20/23, 12:12 PM

I’m a bit lost with the last part there. I only actually make the db update if the auth headers value is that “random string”, so it won’t do anything if it’s not right

HHello, I’m Allie!You could use a Tunnel, and then not expose the server at all

.gwapesOP•11/20/23, 12:12 PM

Is there any docs/examples on tunnelling?

..gwapes I’m a bit lost with the last part there. I only actually make the db update if t...

Hello, I’m Allie!•11/20/23, 12:13 PM

Yes, but in this case, if I want to take your DB out of commision, I can just send random requests to your server. The changes won't be able to be applied, but because your server is busy handling my requests, it won't have time to handle your valid changes

..gwapes Is there any docs/examples on tunnelling?

Hello, I’m Allie!•11/20/23, 12:13 PM

https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/

Create a remotely-managed tunnel (dashboard) · Cloudflare Zero Trus...

Follow this step-by-step guide to get your first tunnel up and running using Zero Trust.

HHello, I’m Allie!Yes, but in this case, if I want to take your DB out of commision, I can just se...

.gwapesOP•11/20/23, 12:13 PM

But that would be an express like thing, right? Rather then a db thing. Because it’s just busy not doing anything but handling the wrong requests

.gwapesOP•11/20/23, 12:14 PM

So it would be better to return wrong requests from my cf worker where everything goes through anyway?

..gwapes So it would be better to return wrong requests from my cf worker where everythin...

Hello, I’m Allie!•11/20/23, 12:14 PM

Yes, because no matter how beefy your server is, Workers will be able to burst to much higher capacity than Express

..gwapes But that would be an express like thing, right? Rather then a db thing. Because ...

.gwapesOP•11/20/23, 12:15 PM

Doing nothing*

.gwapesOP•11/20/23, 12:15 PM

Gotcha

.gwapesOP•11/20/23, 12:15 PM

Thanks so much, was really helpful

HHello, I’m Allie!That, or just never pass a request back to your origin unless it is **you** maki...

.gwapesOP•11/20/23, 12:17 PM

Just to confirm, I can still use the auth header method, right? Just instead using the worker to say yes or no

..gwapes Just to confirm, I can still *use* the auth header method, right? Just instead u...

Hello, I’m Allie!•11/20/23, 12:18 PM

Yeah, you could

.gwapesOP•11/20/23, 12:18 PM

Awesome, thanks

.gwapesOP•11/20/23, 1:26 PM

Is there an npm package or something similar for how to type the context param here

export default {
  async fetch(request, env, context) {
    // Proxy to origin on unhandled/uncaught exceptions
    context.passThroughOnException();
    throw new Error('Oops');
  },
};

export default {
  async fetch(request, env, context) {
    // Proxy to origin on unhandled/uncaught exceptions
    context.passThroughOnException();
    throw new Error('Oops');
  },
};

.gwapesOP•11/20/23, 1:28 PM

nvm got it

kian•11/20/23, 5:31 PM

Try

zone_name

zone_name

instead.

mooon•11/20/23, 9:45 PM

hi there, i've deployed my worker, and when i try to access it i get this error

mooon•11/20/23, 9:45 PM

but when i run it locally

mooon•11/20/23, 9:45 PM

it works fine

mooon•11/20/23, 9:45 PM

anyone know why?

kian•11/20/23, 9:49 PM

Try adding https://github.com/rustwasm/console_error_panic_hook

mooon•11/20/23, 9:55 PM

alright

mooon•11/20/23, 9:56 PM

i added it

mooon•11/20/23, 9:56 PM

but i still get that vague error

mooon•11/20/23, 9:57 PM

this is how i've added it

mooon•11/20/23, 10:02 PM

dwayn•11/21/23, 2:15 AM

how to enable env.unsafe in cf workers?

Ddwayn how to enable env.unsafe in cf workers?

James•11/21/23, 3:25 AM

This? https://github.com/cloudflare/workerd/pull/1338
As of right now, it’s internal and workerd only

custom•11/21/23, 9:04 AM

is it possible to invoke context.waitUntil multiple times?

Ccustom is it possible to invoke context.waitUntil multiple times?

Hello, I’m Allie!•11/21/23, 9:05 AM

Yes

andrew•11/21/23, 9:48 AM

If anyone is interested I did a write up on how you can get .NET/C# code running on a worker

https://andrews.substack.com/p/bringing-net-to-the-edge-how-to-run

Bringing .NET to the Edge: How to Run Your CLI Applications on Clou...

A Walkthrough of Adapting Complex .NET CLI Applications for Cloudflare Workers and the Browser Using WASI

DDr. Koti Reddy . Saripalli What is the discord channel for ai.cloudflare.com

Hello, I’m Allie!•11/21/23, 10:25 AM

#cloudflare-ai probably

Isaac McFadyen•11/21/23, 12:06 PM

?channel-crossposting

Flare•11/21/23, 12:06 PM

Please do not post your question in multiple channels per the rules at #

welcome-and-rules. It creates confusion for people trying to help you and doesn't get your issue or question solved any faster.

Isaac McFadyen•11/21/23, 12:06 PM

I'm going to delete your question here and in #workers-for-platforms as it's already in one of the AI channels

ChecDePost•11/21/23, 5:35 PM

Hello guys, is it possible to create a custom access link to a specific file via cloudflare cdn api? I have been looking through the documentation all day but I don t seem to find my answer. A little direction would be greatly appreciated!

Hey, I’m using my own express server hosted on my vps to handle request for database updating, and t

Similar Threads