I am using rematch(https://github.com/rematch/rematch) to in React JS, and for backend Its Feathers. If I want to fetch the records from database with certain conditions, I am able to pass the query from in API call in React code. Ex.
const empData = await employeeService.find({
query: {
$and:[
{employeeId: payload.empIId},
{name:"ABC"}
]
}
});
This directly passes the query to auto generated feathers service, and prvides me expected result too.
My question is, is it a good practice to pass these types of queries(May be more complex than this) from front end? Please elaborate the answer(what are the pros and cons etc.)
We do this successfully & extensively on several projects. It creates the greatest deal of flexibility. Changes can be implemented in the client as opposed to requiring changes in both the client & server.
This should be done in combination with a server that does not trust the client. The server should sanitize & rate-limit input queries to ensure that the client is not receiving anything it shouldn't.