Hey. I really like this library especially the pas...
# support-questions-legacyd
Deleted User
07/17/2022, 3:55 PMHey. I really like this library especially the passwordless recipe. One thing that doesn't quite make sense to me is that most auth solutions are implemented as a standalone API service which the frontend can directly talk to, but with ST you have to implement the endpoints using the backend sdk which is perfectly fine but that essentially renders the core useless. In theory you can just integrate all of the functionalities of the core directly into the backend sdk and completely get rid of an additional service.
r
rp_st
07/17/2022, 3:57 PMHey @Deleted User the endpoints are exposed via the backend SDKs as well. if you add the SuperTokens middlware to your app that we provide, it will expose those APIs for the frontend.
Those APIs in turn talk to the core for operations that require a db.
That being said, you can override all the functions of the recipe to talk to your own db if you want, and then you don't need the core - but as you would expect, this is quite a lot of work.
d
Deleted User
07/17/2022, 4:03 PMThx. I was aware of the middleware and when I said implement i meant expose. As for the second point, are there any examples/reference that i can look into? Honestly I'd rather do some extra work than pay for additional db and service hosting.
r
rp_st
07/17/2022, 4:05 PM> when I said implement i meant expose.
What do you mean by expose? The middleware does that too. You can call those APIs from the frontend.
> As for the second point, are there any examples/reference that i can look into?
Well, no specific examples of this, but you can checkout https://supertokens.com/docs/passwordless/advanced-customizations/backend-functions-override/about
> Honestly I'd rather do some extra work than pay for additional db and service.
you can connect the core to your own db as well.
y
yarfink
07/17/2022, 4:05 PMdepending on your hosting situation, you could just add another schema to your current DB and hook supertokens into that schema, instead of its own DB
d
Deleted User
07/17/2022, 4:21 PMI checked it out but it seemed to me that the core is not only responsible for talking to db but some other functionalities like generating otp/magic link is also done by the core. As you said that'd be way too work.
r
rp_st
07/17/2022, 4:21 PMyes correct.
w
wdjzr
07/19/2022, 3:17 PMI am selfhosting the core on the same machine with my backend and I use the same database for the core and my backend, all in a 5$/mo vps. Didnt come across any performance issues yet
d
Deleted User
07/19/2022, 6:43 PMI can imagine. I'm deploying containers on a PaaS though.
Deleted User
07/30/2022, 9:34 AMHere's a suggestion: I think it's possible to rewrite all of the functionalities of the core as Postgres SQL functions that run directly in the database and eliminate the need for an additional service. Of course this would tie the SDK to Postgres but it isn't really a problem. Users still have full custody over their data.
r
rp_st
07/30/2022, 9:36 AMHmmmm. But then the different backend SDKs would have to all repeat the queries. And we do want to support other dbs as well. Even mongodb in the future.
rp_st
07/30/2022, 9:37 AMIf you really want to eliminate the core for your specific use case, you can override all the recipe functions that talk to the core with your own logic that talks to your db.
d
Deleted User
07/30/2022, 10:53 AM> But then the different backend SDKs would have to all repeat the queries.
They wouldn't. Queries are written as a SQL function once and different SDKs can just call them. https://www.postgresql.org/docs/current/sql-createfunction.html
> And we do want to support other dbs as well.
That's the tradeoff. Postgres is a real beast though, Supabase has literally built a company with it.
> you can override all the recipe functions that talk to the core with your own logic that talks to your db.
That's possible for simple email password, but much harder for passwordless. I switched to GoTrue for now, but I really like this library since it lives almost entirely in your backend and needs no webhooks; Although the core is a real pain in the * š .
r
rp_st
07/30/2022, 10:56 AMWell, even with gotrue, you have to run a service, similar to how you run the core? And if you are using managed service of supabase, we also provide a managed service which runs the code for you
rp_st
07/30/2022, 10:57 AMSo is the actual issue that we use Java vs gotrue using golang?
rp_st
07/30/2022, 10:58 AMAlso talking about webhooks, why donāt you like them?
d
Deleted User
07/30/2022, 10:59 AMI've mentioned this before, gotrue is a standalone API service that the frontend can directly talk to. It's just that the current ST architecture doesn't make sense to me.
r
rp_st
07/30/2022, 11:00 AMHmm. Alright! Thanks for the feedback.
rp_st
07/30/2022, 11:00 AMWhat are your thoughts on webhooks?
rp_st
07/30/2022, 11:01 AMWhy do you prefer āwhole lib living in the backendā vs making webhook API?
rp_st
07/30/2022, 11:01 AMCause the webhooks also live on your backend
d
Deleted User
07/30/2022, 11:02 AMIt's simpler. No need to create an endpoint.
r
rp_st
07/30/2022, 11:02 AMAnd what are some issues with creating endpoints? Any specific reason or just extra cognitive load?
d
Deleted User
07/30/2022, 11:04 AMFor me simplicity rules. But also my serverless platform bills by the request count. š
r
rp_st
07/30/2022, 11:05 AMHmm I see. But the relative cost of the number of webhook calls from auth server vs calls from your appās frontend is very very low right?
d
Deleted User
07/30/2022, 11:05 AMOf course.
r
rp_st
07/30/2022, 11:06 AMSo itās just simplicity then? Just not needing to create and manage extra APIs
d
Deleted User
07/30/2022, 11:07 AMThat's the main point.
r
rp_st
07/30/2022, 11:07 AMGotcha
d
Deleted User
07/30/2022, 11:09 AMThanks for the amazing support. Keep up the great work. š
r
rp_st
07/30/2022, 11:09 AMThanks!