*Am I violating current practices with the following architecture?*
1. on one subdomain/domain, a single service/module/app that defines
entry point for all datastore access.
1. probably only has API, no html
2. probably in Python
3. users will need to authenticate for some data, but not all.
2. on multiple other domains or subdomains, statically hosted and served
javascript front-ends (SPAs) will make https calls to the datastore service.
1. datastore service should manage data separately (multi-tenant) for
some clients coming from different domains.
2. clients are probably hosted statically
<https://cloud.google.com/storage/docs/hosting-static-website> on
various Cloud Storage instances
*Some questions:*
1. Is this the situation that Google Cloud Endpoints
<https://cloud.google.com/solutions/angularjs-cloud-endpoints-recipe-for-building-modern-web-applications#challenge>
solves today (2016) or is that outdated technology? (I say outdated because
the javascript client library does not offer Promise interface).
2. How should the datstore service *whitelist* the clients coming from
different domains or mobile apps?
3. Can I enforce *httpS* is used when clients interact with datastore
service?
Thank you for feedback.
John
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/google-appengine.
To view this discussion on the web visit
https://groups.google.com/d/msgid/google-appengine/eb8f14fe-ac29-4cab-9596-b7841de7e6e6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
