Hi, firstly thanks for squidex - it is a lovely app.
Having had a look through the code - am I right in understanding that it is not really possible to host the front end separately from the backend so that the front end could be hosted in a static hosting/CDN like S3/Azure Static WebApps, and then the back end could be a pure API, that could be fronted by an API management/orchestration layer, with CORS requests from front to back?
From looking at it the front/back end are very nicely segregated in source, but packaged together and so some minor issues with separate hosting I can spot are:
- Would need to build/repackage from source as front end is not packaged as a separate zip/docker
- Watch out for any CORS issues
- The embedded Identity-Server hosts UI in MVC so that would be blocked/awkward in a pure API backend and might need to be bypassed/worked around
- I could hack/reconfigure the Authentication system so that instead of using the embedded identity-server, the APIs should all trust JWTs issued by an external OIDC server with a public well-known discovery endpoint, and the UI would need hacking/config changes to obtain JWTs from the external token server rather than the embedded identity-server.
Is the above a reasonable summary? Anything else to worry about? Just trying to evaluate how I might host it, and if worth making the changes above to fit it into an existing landscape of APIs.