正确使用电子 [英] Properly using Electron

问题描述

我想进入Electron，并且我已经开始学习它了，但是我认为我不太了解应该如何使用它.通过收集，我可以使用Electron使用 HTML，CSS和Javascript 创建跨桌面应用程序(Chromium)，并在后台(NodeJS ).

I want to get into Electron, and I have already started learning about it, however I don't think I quite understand how I am supposed to use it. From what I gathered, with Electron I am able to create cross-desktop applications (Chromium) with HTML, CSS and Javascript and do tasks in the background (NodeJS).

让我感到困惑的是:

• 我应该如何在服务器上使用它?

例如，我构建了一个简单的NodeJS应用程序，该应用程序使用Passport和其他一些模块来创建登录/注册系统(使用MongoDB).它具有用于登录和注册的HTML文件.

For example, I built a simple NodeJS application that uses Passport and a few other modules to create a login/registration system (with MongoDB). It has HTML files for logging in and registering.

我不确定如何在我的Electron应用程序中使用它，实际上，我不太了解如何实际使用Electron.我应该将所有登录/注册应用程序代码移到Electron应用程序，还是应该使用Electron以某种方式连接到我的登录/注册应用程序并加载网站?

I am not sure how to use this with my Electron app, as the matter of fact, I don't quite understand how to actually use Electron. Should I move all of my login/register application code to the Electron application, or should I use Electron to somehow connect to my login/registration application and load the websites?

• 如果我要将代码移至我的Electron应用程序，会引起安全性问题吗?

推荐答案

我应该如何在服务器上使用它?

How am I supposed to use this with my server?

您需要考虑将应用程序作为一个独立的桌面应用程序(充当客户端应用程序)与由云提供商托管的API和后端逻辑的服务器相对应.

You need to think about separating the application as a stand-alone desktop app (that acts as a client-side application) vs the server for your API and backend logic which are hosted by a cloud provider.

这样做，您可以专注于桌面(电子)应用程序的关注点分离，以及确保服务器(例如API，身份验证和其他后端逻辑)得到很好的优化并可以自己充当多个工作人员.

By doing this, you can focus on the separation of concerns for the desktop (electron) application as well as ensuring servers (such as API, authentication, and other backend logic) are well optimised and serving as multiple workers of themselves.

如果我要将代码移至我的Electron应用程序，会引起安全问题吗?

If I were to move my code to my Electron app, would it cause security issues?

如果您不定期更新Node版本(例如，内存缓冲区溢出攻击)，则Electron应用程序开发中会存在一些安全问题.

There are some security concerns with an Electron application development if you do not regularly update your Node version (such as memory buffer overflow attacks).

要考虑的另一个问题是Electron社区如何服务和解决客户端应用程序的权限问题以及用户安装您的应用程序时授予的常规文件权限.

Another issue to consider is how the Electron community serves and resolves issues of permissions for the client-side app and the regular file permissions which are granted when the user installs your app.

作为开发人员，您有责任确保第三方库不会损坏用户的计算机. (设想安装一个库依赖项，其目的是恶意删除整个文件系统).

As a developer, the onus is on you to ensure third-party libraries are not damaging the user's computer. (imagine installing a library dependency whose purpose is to maliciously delete the entire file system).

我构建了一个简单的NodeJS应用程序，该应用程序使用Passport和其他一些模块来创建登录/注册系统

I built a simple NodeJS application that uses Passport and a few other modules to create a login/registration system

对于身份验证，您可以根据提供给身份验证服务的客户端请求/帖子提供来自API的响应.您不必一定要将身份验证服务器提供/安装到您的Electron应用程序中，因为这对于用户进行更新可能会有些麻烦，并且会将您的身份验证服务公开给其他人进行逆向工程/破解.

For authentication, you can serve responses from your API based on the client-side requests/Posts that you provide to the authentication service. You don't necessarily have to provide/install the authentication server into your Electron app, as this can be somewhat troublesome for the user to update, as well as it exposes your authentication service for others to reverse-engineer/crack.

这篇关于正确使用电子的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！