How to use Appwrite Cloud Functions to censor sensitive information

How to use Appwrite Cloud Functions to censor sensitive information

·

6 min read

Serverless computing has been marked by significant advancements, redefining how developers, organizations, and institutions deploy applications. This advancement has redefined the development process and provides developers and organizations with the ability to ship software efficiently.

At the forefront of this evolution is Appwrite, an open-source platform that leverages the power of serverless functions to create scalable, efficient, and cost-effective solutions.

Appwrite has also taken data privacy in serverless architectures to the next level by integrating the Pangea Redact API, a cutting-edge solution for sensitive data redaction.

In this article, we’ll showcase the Appwrite Functions template, its capabilities, and how it plays a pivotal role in censoring sensitive user information.

The complete source code can be found on GitHub. Clone and fork it to get started.

Prerequisites

To comfortably follow along with this article, we’ll need a few things:

Setting up Appwrite Functions

To integrate Appwrite Functions, we need to create a project on Appwrite’s console. To do this, log into the Appwrite console, click the Create project button, name the project appwrite-censor, and click Create.

Create a project

Head to the Functions tab on the sidebar and click Create Function to create a new function.

Create a function Next, click the GitHub button since we’ll manage our functions in a GitHub repository. To give Appwrite access to all repositories in the GitHub account, select All repositories and then click Install and Authorize.

Install and Authorize GitHub

Rather than creating a function using a starter template, let’s use Appwrite’s Censor with Redact template, which we’ll use to censor sensitive data. Click on All templates and select the Censor with Redact template.

Select all templates Select the “Censor with Redact” tab

Create a Pangea project

To fully utilize the Censor with Redact template, we’ll have to integrate Pangea Redact API into its configuration. Let’s head to Pangea, create an account, and set up a project. Configure the project using these details:

Organization NameAppwrite
Cloud ProviderAmazon (AWS)
Project Nameappwrite-censor
Geographical RegionUnited States
Locationus-west-1 (Use the default location)

After applying the configurations above, click Next. Then, select Redact as the common service and click Next.

Select Redact as a sevice

Next, copy the Default Token displayed on the project's dashboard; we’ll use it as a variable when setting up our Appwrite template.

Copy the default token

Let’s head back to the Appwrite console and configure the template using the details below. Name the template Censor with Redact, then select 18.0 as the Node.js runtime version. Click on Next.

Configuration

Set the default token we got earlier from Pangea's Redact dashboard as the PANGEA_REDACT_TOKEN and click Next.

Set the environment variable

Next, select the Create a new repository option and click Next. Then, input appwrite-censor-with-redact as the repository’s name and click Next.

Connect the function template to a repository Name the repository

After naming the repo, select the existing repository's default branch, then click Create. This exports the function template into a suitable directory in the repository.

Select the default branch

After this, our function template is successfully created and deployed. We should see the deployed source code in our GitHub repository.

Deployed template console Deployed template on GitHub

Glancing through the deployed source code, we’ll highlight two important files, namely:

  • index.html file: This is the template’s frontend file located in the functions/static folder, which consists of an input for receiving values.
  • main.js file: This file is in the functions/src folder and houses a function to interact with Pangea Redact API.

We’ll focus only on altering the main.js file to achieve the app's functionality.

Modifying the generated source code on GitHub

Clone the source code, open it in a code editor, and navigate to the src/main.js file. Then, edit the file as shown below:


    // src/main.js
    import { fetch } from 'undici';
    import { getStaticFile, throwIfMissing } from './utils.js';

    export default async ({ req, res }) => {
      throwIfMissing(process.env, ['PANGEA_REDACT_TOKEN']);

      if (req.method === 'GET') {
        return res.send(getStaticFile('index.html'), 200, {
          'Content-Type': 'text/html; charset=utf-8',
        });
      }

      try {
        throwIfMissing(req.body, ['text']);
      } catch (err) {
        return res.json({ ok: false, error: err.message }, 400);
      }

      const response = await fetch(`https://redact.aws.us.pangea.cloud/v1/redact`, {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
          Authorization: `Bearer ${process.env.PANGEA_REDACT_TOKEN}`,
        },
        body: JSON.stringify({
          text: req.body.text,
        }),
      });

      const data = /** @type {*} */ (await response.json());
      return res.json({ ok: true, redacted: data.result.redacted_text });
    };

The snippet above changes the Pangea Domain URL to the geographical region of the Pangea project we registered earlier. Next, we must push the updated codebase back to the deployed template’s repository.

With that done, Appwrite automatically redeploys our function using the updated template.

Redeployed Code

Navigate to the Domains tab to find the generated domain from Appwrite. Click the generated domain and test the app. The app should work like this:

{% embed loom.com/share/7bac0330bab74a3c936519b8a2b2.. %}

Customization options for the Censor with Redact template

The Appwrite Function template we’ve chosen here — Censor with Redact — provides a range of options that serve the unique purpose of maintaining data privacy, adhering to regulations, and creating a user-friendly application. This depends on the specific use case and the type of sensitive information that needs to be protected or censored. Here are some standard options:

  • PII (Personally Identifiable Information)Ruleset: This option focuses on redacting common forms of personally identifiable information, such as names, social security numbers, addresses, phone numbers, and email addresses. It helps protect users' private data by masking their personal information.
  • Credit Card Ruleset: The credit card option is designed to redact credit card related information. It helps prevent the exposure of sensitive financial data that could be used for fraudulent activities.
  • Medical Information Ruleset: This option is tailored for redacting medical- and health-related information. It covers a range of medical identifiers, diagnosis codes, and patient information to maintain the confidentiality of healthcare records.
  • Custom Ruleset: Appwrite allows developers to create custom redact rulesets. This will enable developers to define their redaction rules for specific types of sensitive data or proprietary information. Custom rulesets can be adapted to unique use cases.
  • Profanity Filter Ruleset: A profanity filter option is designed to censor offensive language and inappropriate content in text data. It helps maintain a positive and safe user experience in applications.
  • Age Verification Ruleset: This option redacts age-related information to comply with age verification regulations, especially in age-restricted applications or content.
  • Sensitive Keywords Ruleset: Sensitive keyword rulesets help identify and redact specific sensitive or inappropriate words or phrases. It can be used to enforce content guidelines or moderation.

Conclusion

This post discussed the integration of an Appwrite Function template, Censor with Redact, for sensitive data censorship in applications. It also highlighted multiple use cases of the template's customization options, which provide proactive measures to safeguard user privacy, speed up development, and enable developers to build safe and privacy-conscious applications.

These resources may also be helpful: