Hi everyone, I'm looking for recommendations on an all-in-one client management platform that can handle: - Client onboarding - Proposals - Contracts - Time tracking - Invoicing I currently use Hello Bonsai for proposals, agreements, and invoicing, and Timely for time tracking (suggested by a client). However, I find the invoicing process tedious. Ideally, I'm seeking a platform that automates these processes, especially for long-term clients. Please share any suggestions you may have. Thanks in advance!

Excited to share that I've published my first-ever tech blog! https://likhikaroutray.hashnode.dev/how-to-set-up-stripe-test-and-live-mode-on-xano-backendwebhook It's all about setting up Stripe webhooks with Xano, focusing on how to manage test and live environments seamlessly. If you've ever accidentally processed test payments in a live environment (oops! 😅), this one's for you! In the blog, I cover: - Setting up Xano branches and data sources - Configuring Stripe webhooks for different environments - A nifty trick to automate environment detection It's a quick read that could save you some headaches. Check it out if you're working with Stripe and Xano, or just curious about streamlining your dev process! Would love to hear your thoughts or experiences. Drop a comment or share if you found it helpful!

Hello Guys. In the last few weeks, I've been doing a tutorial on Toddle.dev. They seem to be an alternative to Wized, much more visual and, in my opinion, much easier for those of us who are NoCode, understand some Javascript, but struggle with building structures or flow diagrams. Honestly, I find it very powerful and far superior to Wized in many aspects. Has anyone else tried it? Could you share your opinions in comparison with other No Code WebApp Builders?https://toddle.dev/

We are tech-agnostic here - my view is that the best tool for the job depends on the job. With that being said, what tool do you find yourself using the most? This could include Zapier, N8N, and more! Which of the following tools do you use most frequently in your work?

DISCLAIMER: I'm not a security expert at all, so takes everything I say here with a gram of salt and do your own research! Apart from securing your endpoints with security measures (like Xano Auth Tokens), I found some other concerns you may have when building webapps. The easy and basic (no-brainer recommendations): 1. Xano automatically builds CRUD operations (without authentication) for each table you create. Unless you need them, turn that option off (on the new table menu). If you don't, anyone with your Xano URL (which may be obtained from your frontend) can call them (guessing the table name, such as "user" or "payment" or "property" or whatever you called them) and do funny stuff like read all your records, use the ids to delete them, or edit them, or create new ones without any of your logics. 2. Unless you need them to be public, hide all your API docs; same as the past example. If someone has your XANO URL, and you don't turn off your API docs, they have a guide on how to call your APIs on your behalf. This is especially concerning if you don't set authentication for each API that does sensitive stuff, which takes us to the next tip. 3. Secure all your endpoints that return info or do sensitive operations on your backend, but more than that, only return info to an auth token about the id saved inside the auth token. For example, if you have an API that returns the property of a user, don't query by a given user_id on the JSON body, but by the user_id stored on the authtoken! Xano uses JWT encoded tokens, which means that the auth tokens can contain info, and they contain the id of the user by default, so ALWAYS query by that. If you don't, anyone with an authtoken can trigger APIs on behalf of other users just by changing the user_id on the JSON body. 4. Encrypt any sensitive data on your db (such as card numbers, or user identification documents, etc.), or even better, don't save any sensitive data at all. Research if you can make that save payment method process without actually saving the user card details, the majority of vendors (such as Stripe) allow you to handle tokens that represent user payment data, but they handle the actual payment data (and more than probably, they are better at doing so). 5. Be careful with how you save the authtoken on the frontend and give each token a short life (I think the default 1 day is ok for most, but depending on your project, you may require longer or shorter).