Very interesting, I really think that http APIs are just a user management layer that could be easily abstracted away now that we can do so many things client-side.<p>How do you handle permissions ? or how do you pervent a clients to erase the database ?