Angular and Database Access : Proper Practices

Question

I get the general idea at this point, angular.js is client-side, so any attempts to do database communication is done via initiating get/post requests to a server-side script on the server (via node, php, asp.net, whatever you're using)...

Only thing I haven't been able to determine is what's the proper practice for this in both conventions/security : do you make specialized pages for many of your particular queries, or 1 to a few general purpose pages that run whatever passed in as parameters. That latter option seems like a security nightmare but at the same time making a page for each table's select,insert,update, etc also seems nonviable.

To be clear and try and focus this back to a single question, it feels like I'm missing a concept here. How do you structure the database calls for an angular.js application?

For your particular queries on the server side, you can implement a RESTFul service: en.wikipedia.org/wiki/Representational_state_transfer — Huy Hoang Pham
– Huy Hoang Pham, Commented May 26, 2015 at 1:29
If I'm understanding your question correctly, the concept you're missing is asynchronous requests (ajax). As far as app structure, you generally create a service to handle database communication. In a nutshell: github.com/johnpapa/angular-styleguide#data-services — Shawn Erquhart
– Shawn Erquhart, Commented May 26, 2015 at 5:16

Andy Gaskell · Accepted Answer · 2015-05-26 02:19:03Z

1

From a security standpoint it isn't very different than a traditional web app. Your web server sends and receives json (most likely) instead of html. This means using something like rails-api instead of full rails. It's best to think of your Angular app as completely disconnected from your web server like an Android or iOS app is.

You might use token based authentication instead of cookies (nothing would preclude you from using token based auth in a traditional web app but I wouldn't say it's commonplace in traditional web apps). Other than that any concepts that apply to securing a traditional web application apply to securing an API.

answered May 26, 2015 at 2:19

Andy Gaskell

31.8k6 gold badges79 silver badges84 bronze badges

Sign up to request clarification or add additional context in comments.

Comments

Max · Accepted Answer · 2015-05-26 02:10:27Z

0

What database do you use? Structure depends on the app you're building and if DB is relational or not. It's a strategic question, for example it may be better to have nested documents, or not.

edited May 26, 2015 at 2:10

answered May 26, 2015 at 1:56

Max

1,48015 silver badges26 bronze badges

Collectives™ on Stack Overflow

Angular and Database Access : Proper Practices

2 Answers 2

Comments

Comments

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Related