Hello, I know that authentication is done on frontend and what I got so far is:
when the user authenticate, javascript sends an ajax call with the information.
But my question is, how do I check the authenticity of that information? To avoid for example someone sending the ajax call without even being authenticated.
you can connect directly to db to check the session
https://docs.moralis.io/moralis-server/database/direct_access
or maybe you could do something similar with cloud functions to read the session info from db and check it
there is no other way to do it? using the rest api maybe?
by using a cloud function it is equivalent of using a REST call
do you know how I can do that?
no, you have to write some code in a cloud function, I donβt know if it works, you have to try it, to query session table with master key
https://docs.moralis.io/moralis-server/database/queries
https://docs.moralis.io/moralis-server/cloud-code/cloud-functions#calling-via-rest-api