Build private variable

Errok · 2024-08-28T17:55:19.792Z

Hello ! I have always managed to find answers but for this case I need help.

I need to build a variable (private) from data that belongs to the user to send it to an external API. Here are the constraints:
1 - I don’t want him to know how I built the variable
2 - I don’t want to save the user’s answer right away (he chooses it in the interface)
3 - I want to keep track that the user has used this API because it costs me money. So users will have quotas.

If I do this in the workflow of the page by storing this variable in a custom state, the user will be able to see the contents of the variable in the response of the return request that informs of all the new states of the custom states (constraint 1 FAILED)

Using the backend workflow:

If I call the workflow directly, I can build the variable on the backend side (constraint 1 OK), I can keep a trace of the call on the server side (constraint 3 OK) but I am forced to store the result in the database (constraint 2 FAILED). In addition I will get a task number which is of no use to me. I will have to search for the result of the call based on an id of something…

Either I use the connector API. The problem is that I have no trace of the user who executed this action. Impossible to send it as a parameter, this would be a potential security breach.

Do you have any ideas?

Another question : can you tell me where exactly the page workflow is executed ? on the front , on the back , both, depend ?

senecadatabase · 2024-08-28T18:10:33.953Z

You can do that…

probably the easiest way would be to create a temporary token on the front end.

georgecollier · 2024-08-28T18:11:20.618Z

Errok:

Another question : can you tell me where exactly the page workflow is executed ? on the front , on the back , both, depend ?

Both, depends

Any data type with appropriate privacy rules will be hidden from the user.

So, you might have a data type API Call with privacy rules such that only the admin can see it, and the API Call has a User field, date, and whatever ‘variable’ you want. I don’t really understand your specific use case but if you want to delay storing it then you can do it with Schedule API workflow and creating it at a future date…

Can’t you just:

Track users answers on page
Schedule API workflow and pass answers to API workflow parameters
Create the thing in the backend which tracks the API call

If you need to return data from the backend to the user, then do the same but use this method: Log in "as a user" - but be careful. Admin usage - #6 by georgecollier

senecadatabase · 2024-08-28T18:34:44.877Z

You may be right…

but it seems like whether you use a temporary token on the front end or use the back end there are pros and cons to both.

The temporary token is a quick fix and hides everything.

But, that’s just with my limited knowledge of Bubble.

Errok · 2024-08-28T19:14:14.047Z

Yes but it means save the result of the API inside the database ? right ?

If I understand well, I generate a token from page workflow, I sent it by "schedule backend workflow " with time to current . And I get this token and the value in the database from the page workflow ?

senecadatabase · 2024-08-28T19:26:36.222Z

No. You don’t need to.

I used my favorite AI to make my answer clearer and more concise without going into a ton of details and confusing you. My answer would be longer and probably more confusing:

To handle the situation where you want to generate a token and make an API call without saving the result in the database, you can follow this process. First, you generate a token on the page when the user makes a selection. This token acts like a unique identifier for the user’s request.

Next, you use the “Schedule backend workflow” feature in Bubble to send this token to your backend. In the backend workflow, instead of saving the result of the API call in the database, you can process the user’s data and make the external API call. After getting the response from the API, you can send the result directly back to the frontend without storing it anywhere.

To keep track of how many times the user has called the API without saving their data, you can create a simple log in the database that records the fact that an API call was made, using the token to connect the request with the response. This way, you maintain the privacy of the user’s data, avoid unnecessary storage in the database, and still keep track of their API usage for quota purposes.

In summary, by generating a token, using backend workflows for processing, and sending results back to the frontend without saving them, you can achieve your goals of privacy and tracking efficiently.

Errok · 2024-08-28T19:44:38.808Z

Thanks for your answer.

However, “you can send the result directly back to the frontend without storing it anywhere.” it’s not possible with “Schedule backend workflow”. You will only receive the number of the scheduled task, not the response.

But the method of Log in "as a user" - but be careful. Admin usage - #4 by georgecollier seams a good way. I will dig .

senecadatabase · 2024-08-28T19:48:54.513Z

George always has good answers and knows a lot more than I do about Bubble.

I come from the code world where I’m used to doing things differently.

I hope you get a solution to your problem.

Errok · 2024-08-28T19:52:01.580Z

lol me too (10 coding years) Bubble is confusing sometimes

senecadatabase · 2024-08-28T20:03:40.466Z

10 years here too.

Sometimes it’s the exact opposite of what I think should work…

but, overall, for a no code platform, I think it’s the best out there.