Hello HN, realized I should introduce myself and not just my project. I building stuff on the web and this is the second time something I created actually goes LIVE.
Before this I created a website displaying snow conditions for a few hundred locations in Sweden. I love skiing and ski-touring and wanted a better way to find the best conditions.
Right now I don't have much time to work on my projects since I'm doing mandatory millitary service, which is part of the reason Simplytics.dev took so long to launch. But I'm hoping I might soon make my first buck selling zeros and ones.
Id love to recieve feedback, Hugo
I signed up for an account and it seems you are showing a code snippet with an API key for client-side code. How do you handle authorization? Can anybody use up my 50k events if they steal the key?
No, that key is verified against your domain connected to your user credentials. Meaning that if someone else uses you key on their website, their POST request to my server will be declined because their domain is not the domain you provided.
But you're right, might be a good idea to change the name of the key or work it out completely, it does look like it could be a vulnerability from an outsiders persepctive.