Simple like button that increments a number field - how to handle?

Noob question. :stuck_out_tongue:

I’d like to create a blog with Contentful. One of the features I planned are “like” buttons (think medium “hearts”). My app will be a SPA written in JS.

From what I can see, mutating content has to be done using a different API than simply fetching said content. Since this is going to be an SPA, a call to increment an integer field would require me to bundle a content management api token with my SPA. That’s probably not a good idea …

You suggest using 3rd party services for comments. I get that. But what about something trivial like this? Is there a way to selectively allow public write access to content type properties?

Or how would one go about such a feature? Different datastore alltogether? An API facade?

1 Like

Hey @oliverstuder,

the management API key is not intended to be distributed with your app. If you do so, everyone could create. modify and even delete your content!

In general Contentful is not intended to store data, that your own users are generating.

If you do want to go that route, you could create a small service (e.g. lambda function) that handles user authentication and then updates Contentful via the management SDK. With that your token stays safe in your service and the user can’t fiddle with your data.