API exposure in order to allow add*

guix77 · February 27, 2019, 9:52pm

Hi,

There’s something I don’t get.

By default we have in the config:

"API": "/ip4/127.0.0.1/tcp/5001",

And on https://docs.ipfs.io/guides/examples/config/ it is advised not to change it:

You should ensure that this address is not dialable from outside of your machine, or other potentially malicious parties may be able to send commands to your ipfs daemon.

How exactly are we supposed to use the parts of the API useful to upload content from our dApps ? Like all the add* methods on GitHub - ipfs-inactive/js-ipfs-http-client: [ARCHIVED] now part of the https://github.com/ipfs/js-ipfs repo ? Is there a way to expose only a subset of the API ?
How does Infura do? They seem to expose only a part of the API (can’t add the link because I’m a new user here, sorry)

Thanks

hector · February 27, 2019, 11:31pm

You can expose parts of the API with Nginx or any other reverse proxy sitting in front of the IPFS API.

Also, since you can run js-ipfs directly in the browser, you can probably use it to add content to the network.

Also, IPFS Cluster has an API which supports basic authentication (permissioned endpoints coming up soon as well). Cluster might be interesting even with a single peer because of some API features, like attaching names to pins, or any custom metadata.

guix77 · February 28, 2019, 9:25am

Thank you very much Hector!

Topic		Replies	Views
Private IPFS api exposed outside	5	1241	June 20, 2019
Exposing part of the kubo RPC API Kubo	4	69	September 23, 2024
IPFS INFURA - Manually upload file IPFS	6	2112	January 7, 2019
Using JS-IPFS for ipns name publish Help js-ipfs , ipns	1	363	September 6, 2022
Public IPFS Gateway with add / upload option Help	7	1291	January 31, 2022

API exposure in order to allow add*

Related topics