Backend only code?

[osseonews]

For many routes particularly for actions, we need to execute code that can only run on the server, like connecting to third party APIs where we need to pass a secret auth header. How is this done with adminforth? I saw something deep in the docs somehwere (I forget where), about some api.ts? But there is nothing I can find in the documentation about this. So how do you run server only code? Can you access ENV vars from some sort of API route? Thanks.

[osseonews]

Sorry, i see there is an api.ts file in the set up and it's an express router. It's not clear from the documents what exactly is available in this route, but I assume any kind of express code will work. Thanks.

[osseonews]

But my question now is that how do we call this API in an action? Just use fetch? And is it necessary? Are the actions like below running just on the server, so we can access process.env. in there or is this a kind of client side call?

{
  name: 'Auto submit',
  action: async ({ recordId }) => {
    // Called once per selected record when used as a bulk button
    await doSomething(recordId);
    return { ok: true, successMessage: 'Done' };
  },
  showIn: {
    bulkButton: true,   // triggers Promise.all over selected records
    showButton: true,
  }
}

[yaroslav8765]

Hi! Thanks for your interest!

Adminforth actions are executed at the backend only. We use fetch at the front

Your code snippet will add action button at the show view and at the list view. When you open record and press button with name "Auto submit", it will make an api call and there will be passed an record id, and then executed your code (at the backend).

If you want to execute your code on frontend, then you can create your custom component and use component injection: https://adminforth.dev/docs/tutorial/Customization/pageInjections/

[ivictbor]

@osseonews Hi, some detailed video description of what is going on in general in adminforth in terms of ways where you can put your backend code https://tracklify.com/video/3c086be0-967a-45ae-90ee-eb0234b6e469

[osseonews]

thank you! Very helpful. Just to confirm any ENV we expose in the action, will only be seen on the backends, not visible on frontend?

[ivictbor]

ENV we expose in the action, will only be seen on the backends

Exactly. Of course. Unless you pass it by yourself in your api responses it is only on backend. No worry. Same for actions and hooks.

BTW for some columns in db, you might want to set backendOnly: true - then they will be never, under no circumstances passed to frontend as well. Otherwise column values might be passed if you allow it in allowedActions

[osseonews]

Thanks. One more quick unrelated question: We previously used a kottster for our admin dashboards. It's an express app with react frontend. But that project has been totally abandoned and it's been really painful to migrate. This project actually seems even better, but of course we are concerned about maintainability. So basically, how is this funded? Will you have a subscription fee of some sort so you can maintain it, as I fully understand that it's very hard to maintain an open source project for a long time, if you can't monetize it. Thanks very much!

PS if we need help setting it up on Digital Ocean, can we just contact you thru your website?

[ivictbor]

Sure, good question.

We are Devforth — a software development team that has been delivering paid software development services since 2019. Premium top-quality services for pretty advanced web apps with strong scalability, security and performance requirements. This is the only way we currently generate revenue, and it is the only way we plan to generate revenue.

In the first years of our work, we used many admin frameworks and found that all of them were much worse than we needed in terms of extensibility and features for the day-to-day work we do for our clients.

To fix it, several years ago, we started building AdminForth.

Today, more four of our clients use it as their back-office solution. These are enterprise-grade clients with total yearly revenue volumes in the tens of millions. Couple of smaller startups that are growing now also use it.

To be precise, we are the ones who suggest AdminForth to our clients, and they agree because it lets us deliver much more value within the same budget and timeline. For example, they can get a back office with all the basics - TOTP, passkey 2FA, confirmations for financial operations, a WebSocket-based UI, dashboards, OAuth login, and much more - very quickly and at a lower cost. Their core products are not back offices; they are usually SaaS web apps, mobile apps, or similar products, but still need admin panels.

These are long-term products that we have grown from zero and continue to work on. As long as we are responsible for developing and supporting them, we will also support AdminForth, including security fixes, bug fixes, and new features when they become relevant.

For example, as you may see from our commit history, when agentic features recently became popular, we built an agent plugin and are still improving it, because agentic data management is a really interesting direction for this era. If some of these clients eventually stop using AdminForth or their businesses close, new ones may grow — and we are working on that as well.

Why do we publish AdminForth as open source? Honestly, there are several reasons:

• Even though this is a very narrow niche, some of our clients found us because of this framework. Awareness is important for us.
• Some people help us identify issues, security concerns, and possible improvements. There are not many such reports, but each one helps us make the framework better.

What you can do to help us keep the project alive much longer:

• Share it. We do not need donations or funding. You can do much more for the project by leaving a link to us somewhere on the internet, sharing what you think to others, starring the project, or writing something on X like: “Hey friends, I’m trying this now - check it out if you need to build an admin panel,” or anything similar.

Admin frameworks are a very narrow niche, so we do not expect huge awareness. That makes every share even more important for an open-source product like this.

At the end of the day, awareness helps Devforth stay busy, and we reinvest that back into supporting the framework. Since AdminForth is one of the drivers of our client business, it cannot be leaky or glitchy.

• Keep informing us if you have any issues. Our workload can be unpredictable, of course, so we respond when we can, as with any open-source project. But every piece of feedback, issue report, or request for clarification helps us improve.

And yes, if you wish help with DO, we can do it very easily I think, please contact https://devforth.io/estimation-request/ and we will respond back to your emails there