baas | boolean as a service | Microservice library

It seems the var username and var password are not updating along with my typing in the textfield. Since I used the $ to bind, what could be the problem ?

The View:

I am currently using firestore/firebase for my BAAS and am working on getting some data back from a collection. I have the data rendering and communicating properly however I cannot figure out how to clean up my effect hook properly.

I've read that firestore has a built in way to do it with the onsnapshot function but I cannot figure it out.

Here is the actual API call to the firestore database:

I want to use real-time data and StreamBuilder with the package called realtime_dart because of my BaaS. Supabase uses this package so I need it too as well. But I don't know how to use Socket hooks in the right way.

I am building an app using Firebase Firestore as a BaaS.

But I am facing a problem when I try to create a feed/implement full-text-search on my app.

I want to be able to search through all the users posts, the problem is, the users posts are structured like this in the Firestore Database:

Posts(collection) -> UserID(Document) -> user posts(subcollection that holds all userID posts) -> actual posts(separate doccuments within that collection)

I want to loop through every user's user posts subcollection and fetch all data for the feed, and also to implement it with a full text search app like Algolia or ES.

• I can loop through a specific user ID(code below), but being a beginner, I couldn't find a way to loop through all of them and fetch all of them.

  ...

I have created multiple beans of WebClient object inside my Configuration class because of different base urls.

I am autowiring these webclient objects in my service class DocumentVerificationServiceImpl with qualifier name client1 and client2.

I'm finding the Amplify SDKs for iOS difficult to work with, likely because we don't seem to fit in with their target audience. Amplify offers mobile developers a BaaS solution, and as such the Amplify SDK is heavily-geared towards this use case. Our team however has dedicated DevOps engineers who use Terraform to provision AWS resources. While their documentation states that it is possible to use the Amplify SDK with pre-existing resources, I'm finding it clunky at best -- having to manually configure the amplifyconfiguration.json file with limited documentation is frustrating, and I've had a lot of difficulty getting the Auth SDK to work with our Cognito setup. That, along with the vendor lock-in, is making me reconsider our decision to integrate the Amplify SDK in our mobile clients.

Which leads me to my question: are there any obvious disadvantages to using open-source client-side libraries to integrate with AWS resources instead of the Amplify SDK? Considering that we don't have any need for the BaaS aspect of Amplify and are only really needing OAuth via Cognito and GraphQL via AppSync, could we get away with using libraries like AppAuth and Apollo to forego Amplify entirely?

We're using SAP Cloud SDK 3.32.0 with SpringBoot. We've generated a typed OData service based on the EDMX metadata file generated by the service and use the generated client in our code. All logs entries showing our issue are below (cleaned them up a bit to show the important parts only)

The situation is the following:

• We send a myservice.createEntity(MyEntity).exectureRequest(myDestination) with the generated client. Since this is a modifying/creating call, the client first requests a CSRF token. This works fine as shown in the logs below (first HEAD and POST calls)
• Next we call a function with myservice.myFunction(p1, p2, p3).executeRequest(myDestination). This is a function exposed by the same OData service, so the service path is the same. Since this function is a POST, the client will again try to fetch a CSRF token. However, this results in a HTTP 403 Forbidden status code. We do not get the CSRF token (see second HEAD request in the logs below).
• The function call is still executed, but with an empty X-CSRF-Token http header (second POST request in logs).
• Although we seem to receive a response from the OData service, the client finallly times out (Read time out) and we are unable to process the result of the function call.

Debugging/clicking through the code of the CloudSDK, I discovered that the generated "FluentHelperFunction" class has it's own logic for retrieving the CSRF token (e.g. it uses "Fetch" in the HEAD requests), where as the FluentHelperCreate class uses the DefaultCsrfRetriever class (which uses lower case "fetch" for the HEAD call).

So my questions are:

• Why does the HEAD call for CSRF fail when done by a function call (i.e. myservice.myFunction())
• Why does the FluentHelperFunction class have it's own logic for getting a CSRF token?
• What can I do to make this work properly. Or is this a bug in the SDK?

Logs:

If I'm building a BaaS (Backend-as-a-Service) type of app, how would I give tokens to the users of my Clients' apps?

My thoughts:

• I'm thinking Authorization grant but that would cause a redirect.
• Users ask for Client to get token for them using client credentials. Not really OAuth2.
• Users ask BaaS directly for token which then asks Client first if it should. Not OAuth2 at all.

I can mark Client's Apps as first-party but that would still need a redirect just to get an authorization code. It would not just prompt for authorization.

Say I would build an SDK for this BaaS that might look like:

There are two applications that I'm building. I need to implement calling from one application to another. How can I implement that ?

Basically, user on app1 should be able to call user on app2. It's like how UBER customers can call UBER driver app using internet. I'm using firebase as a BaaS.

Please mention links to relevant articles and tutorials.