aantsypau
Posts: 16
Joined: Wed May 24, 2023 7:57 am

Server code security

I saw some activity on my app where a user invoked the user registration script from outside my app and got themselves registered into the database.

Does appery provide any security measures where this script can only be invoked through the app?

aantsypau
Posts: 16
Joined: Wed May 24, 2023 7:57 am

Re: Server code security

The problem you're encountering isn't unique to Appery's backend; it's a common one that can affect any backend system.

Here are a couple of possible solutions that could help:

  • Embed a security value into the application, then relay it when executing the registration server code.
  • Send a push notification to the phone and transmit this code during the registration process.

Return to “Issues”