Server Extension Programming Guide

Sometimes, you may want to add some custom logics on the server-side to assist your mobile app development. For example, your application may want to leverage the data in Kii Cloud without downloading them to the client device. With the server extension, you can put and execute your custom logics written in JavaScript (server code) in Kii Cloud.

Basic steps

The basic steps for leveraging the server extension are as follows:

  1. Review the functionality of server code.

    You can execute server code with the four methods.

    Review the available functionality described in Functionality of Server Code.

  2. Write server code.

    Write your custom logics in JavaScript by leveraging the Kii Cloud SDK for JavaScript and other public modules.

    See Writing Server Code to learn more.

  3. Manage server code.

    Deploy your server code, select the version to activate, and set server hooks by using the command line tool provided by Kii.

    See Managing Server Code to learn more.

  4. Execute server code.

    Execute your server code manually via the Kii Cloud SDK for Android, iOS, or Unity, or the REST API, or automatically via server hooks. When manually executing server code, you can pass custom parameters from the client to the server code.

    See Executing Server Code to learn more.

Advantages of the server extension

Here are some advantages of using the server extension.

Preventing code disclosure

Server code is deployed on the server and virtually hidden from clients (i.e., the client just receives execution results). This will prevent malicious users from analyzing and misusing your code.

Uploading and downloading server code requires the correct access keys, namely the ClientID and ClientSecret. These keys are only known to the app administrator (i.e. These keys should not be embedded in the client modules). It is therefore hard for malicious users to access and analyze the logics in your server code.

See Security to learn more about how to protect your application from unauthorized data access.

Accessing as the app administrator

You can easily implement app administrator operations with the server extension.

To operate as the app administrator, you need to present the ClientID and ClientSecret. These keys should be kept in secret, so you should avoid embedding them in a client application. This makes implementing the app administrator features in a client application unrealistic.

Server code, on the other hand, is deployed with the ClientID and ClientSecret. This will allow the code to get the app admin context and operate as the app administrator. Once it gains the app administrator privilege, it can access all data in the application (e.g., copying User A's data to User B).

Using the latest code

Normally, updates to your mobile app only take effect when users install the updated version of the mobile app on their devices. By implementing your mobile app to execute server code, you can push the update instantly just by deploying new server code with the command line tool.

One good example is to implement a logic that will change frequently (e.g., an implementation for a short-term event) in server code. This will allow you to reflect the logic change instantly without distributing a new mobile app.

Ensuring stability

Since server code runs on the Kii Cloud server, you can expect more stability than running the same logic on client devices. This is especially true for those logics that will lose the consistency if the execution is interrupted (e.g., by a network error). See Transactions for more details.

Ensuring implementation completeness

A trigger-based hook will help you to catch specific events and execute necessary logics. For example, suppose you want to execute some operation every time data in buckets are updated. If the data updates occur in multiple places in your code, it could be hard to maintain all of them. By setting a trigger-based hook, you can easily track all data update events in your code and execute the necessary operation with lesser possibilities of defects.

Note that data update caused by a server hook does not invoke another trigger-based hook. This is to prevent an infinite loop of triggers. Keep this in mind when you implement server code that would be called by a trigger-based hook so as to ensure its completeness.