Book Image

Building Single-page Web Apps with Meteor

By : Fabian Vogelsteller
Book Image

Building Single-page Web Apps with Meteor

By: Fabian Vogelsteller

Overview of this book

Table of Contents (21 chapters)
Building Single-page Web Apps with Meteor
About the Author
About the Reviewers

Database everywhere

In Meteor, we can use the browser console to update data, which means that we can update the database from the client. This works because Meteor automatically syncs these changes to the server and updates the database accordingly.

This happens because we have the autopublish and insecure core packages added to our project by default. The autopublish package automatically publishes all documents to every client, whereas the insecure package allows every client to update database records by its _id field. Obviously, this works well for prototyping but is infeasible for production, as every client can manipulate our database.

If we remove the insecure package, we will need to add "allow and deny" rules to determine what a client is allowed to update and what they are not; otherwise, all updates will get denied. We will take a look at setting these rules in a later chapter, but for now this package serves us well, as we can immediately manipulate the database.

In the next chapter...