I have made React Tutorial (https://www.meteor.com/tutorials/react/next-steps)
I have questions. I run meteor --production
And I see in code:
"tasks.setPrivate":function(e,t){if(i(e,String),i(t,Boolean),a.findOne(e).owner!==r.userId())throw new r.Error("not-authorized")
This is source of tasks.js
I think this is not secure to show this code to end user - he can find security mistakes.
I see this line in App.jsx:
import { Tasks } from '../api/tasks.js';
I’ve removed it.
Now I see this line only in server/main.js
import '../imports/api/tasks.js';
Why this information on client?
How I must edit my app to secure this issue?