Hi, am new to Wix Code and couldn’t find this in the documentation.
I understand I can create a jsw containing my secret keys and use the fetch API in order to integrate with a 3rd party API like Google Calendar, and that I can restrict access to certain features in the front-end to Admin users using $w and the front-end auth information.
But how can I prevent a non-Admin user from discovering and hitting my backend function directly with bad data? Is there a way to check the logged in user/role in the jsw itself?
Thanks!