In today’s dynamic business landscape, the importance of embracing transparency and non-hierarchical models has become increasingly evident. At AntStack, we firmly uphold these principles and are committed to ensuring that our employees are well-informed about our organization’s operations, including client interactions, expenses, and revenues. However, we identified a critical gap in effectively showcasing this information to our team members.
To address the challenge, we conducted extensive research on existing serverless applications and emerging startups, recognizing the need for streamlined operations and transparency. Consequently, we developed BizOs, a tailored serverless application that focuses on essential features and functionalities. Despite limited manpower and time constraints, we adopted an MVP approach to ensure an efficient and timely development process without compromising quality. Our dedication remains unwavering as we strive to deliver a streamlined and transparent solution.
The implementation of BizOs has significantly transformed our organization, simplifying revenue and expense management processes. We eagerly anticipate sharing our firsthand experiences and valuable insights on BizOs’ positive impact through an upcoming blog post. For a comprehensive understanding of BizOs and its capabilities, we invite you to visit our website at bizos.io.
WHAT MAKES IT A VIABLE PRODUCT ?
We knew an serverless application is an assortment of technologies behind that simplified user interface. But to make it feasible we need to integrate and use feasible resources which are easy to use, easy to understand, inexpensive and most importantly highly secured.
While building a viable product we were finding a most secure, efficient and flashy fast database provider. In research and development we landed upon a perfectly fulfilling requirement product know as Supabase. Now the question arises that why we aren’t using Firestore by Google instead of Supabase. So, to answer this clearly we wanted to use a relational database rather than a non-relational one. Aside from this Supabase let you run complicated queries and it is totally Open-source and there APIs supports TypeScript as well as CLI for terminal and CDN support as well. Best part it takes care for database upscaling.
RLS a Z+ Security:
Row Level Security (RLS) refers to a mechanism that applies constraints at the individual row level within a database table. This ensures that users are restricted from performing operations such as reading, writing, updating, or deleting data if they lack the authorized or specific access permissions for a particular action. By implementing RLS, users are prevented from accessing the entire database when executing queries.
Setting up RLS in the Supabase console is a straightforward process. It allows for the configuration of distinct roles with varying permissions for different tables. This enables fine-grained control over data access, ensuring that only authorized users can interact with specific rows within the database tables.
Story of AUTHENTICATION and AUTHORIZATION:
A feature one needs for their users to access the application and to identify who they are and what are the privileges they get after being getting access of the application. Most of us commonly get’s confused in these two terms AUTHENTICATION and AUTHORIZATION, first let’s clear this confusion -
- Authentication: The user which logged in to the application, should be able to continue and if yes, what is the role of this user in this application.
- Authorization: If the user successfully logged in and got the role, then according to there role what type of actions they are granted to do in the application.
Hoping back to supabase, It wouldn’t be that simple to implement authentication and authorization, if you have different source for authenticating your users as well as handling your users data in your database. Then here comes, SUPABASE which handles your authentication and authorization in a single click and the best part all your users data will be stored in supabase database itself. Secondly, if I want my users to get authenticate from other sources like: Google, Azure, Apple, Twitter, Slack, and many more. They have bunch, literally bunch of OAuth Providers you name it they have in there supabase api. It will overall leads to less code, less packages, and with all the Z+ security features. For Authorization we have already covered RLS roles and policies, which will allow only those users which have the access role for it.
The world of SERVERLESS Application:
Supabase automatically generates api from your database schema, but here is a catch we all think it will only generate basic apis only, nah nah nah… It will generate:
- Legendary REST APIs
- Modern GraphQL
- Futuristic Realtime
I prefixed them with some firm words, but they are actually REST, GraphQL, and Realtime. Let me explain a bit for all three of them:
- REST Api - they are generated using PostgREST, which are very stable and you will able to do all CRUD based operations from it. You can even use postgress functions.
- GraphQL - they are generating this using pg-graphql, you can perform all the CRUD operations as well as all the postgress table functions.
- Realtime - they were generated using there own real time module using websockets, you can listen to database changes in realtime and perform various operations in your serverless application depending on your needs.
There can be a case in your application where you need to store files, even folders. For that you might go for third party source, But supabase tend to solve this problem as well, giving a feature called STORAGE which combines with supabase api and hence lead to fast implementation and head on service to the users. User can access the bucket depending upon the role, which you have defined.
To Conclude SUPABASE:
In the context of developing a Minimum Viable Product (MVP) application, Supabase emerges as a highly advantageous solution that prioritizes rapid feature implementation to ensure user satisfaction. Supabase offers a user-friendly platform with comprehensive APIs, enabling developers to fulfill user demands quickly, often within a day. The supabase-cli tool further supports the entire development process, from implementation to deployment. Importantly, Supabase recognizes the value of avoiding costly beta releases for an MVP app, providing an initial generous free tier. As the serverless application grows, developers have the flexibility to adjust the usage tier accordingly, ensuring scalability without straining financial resources.