I have a music based app I'm building using Parse for the back end. I'm wondering how I should structure my data when it comes to user identities:
A user can be a regular user, and also a musician, and also a venue owner, etc.
So the idea is that a user can have different identities.
I would love your help on how to best structure this data.
You can have a role column in your user table, assign the role based on the user. When the user logs in to the app, you will read his role and based on the role, the ui will be populated. Is this what you are looking for?
Related
I have a use case where I want to connect two different user roles, and if they accept and want to connect, new features will open up. It is very similar to how friend requests work at Facebook or LinkedIn, opening up and showing more content. Let's call them role1 and role2.
All users are stored within a "users" collection with an id. Depending on their provided role within the document attached to the "users" collection, they can store additional data in their respective role-collection, i.e., role1 collection or role2 collection.
What is the best approach and structure to connect the two users, i.e., become "friends"? Should I have the connection stored in a new collection, named perhaps connections-collection, or multiple collections?
I'm using Next.js, NextAuth for user authentication, and FaunaDB as a database. I'm using Fauna's query language, FQL.
Have you perhaps seen fireship's video RE: fauna db? I think it covers what you want to do and how you can proceed.
Edit: There are many ways to implement this. Based on my understanding, perhaps you can have "Friends" and "Requests" arrays stored under a user document. That way you can differentiate between confirmed friends or a just request.
Example: When user1 initiates a friend request with user2, you store user1's ref under "Requests" of user2's document. When user2 confirms, you move user1's ref to the "Friends" array.
This is just a overly simplified idea and you may need to consider your options and the implications. You would need to plan and define the predicate in both roles so you would only see what is necessary.
For Django-reactjs project, I have a user model in django which has 3 boolean fields (is_admin, is_moderator, is_normal_user), and I also have 3 other models, I want to set permissions for each user type. The user can only create objects for 1 model only, the moderator is the only one that can edit a certain model field, and admins can do everything.
It might be a trivial question but I am a newbie in Django and React so If you could please tell me how can I handle it with custom permissions(some steps to follow) and also how these permissions are handled from React.
Thanks in advance!
You need to check if the user has permission every time he is making an action, so when the React app calls your Django API, it will provide an authentication token right? That tokens corresponds to a unique user, so you can just do an if statement:
if request.user.is_admin:
do_everything()
elif request.user.is_moderator:
do_other_stuff()
While in the react app you would need the information if the logged in user is a moderator, admin or a normal user, so you can display the pages accordingly. To get that info, you may want to implement a '/me' endopoint that returns info about the logged in user, containg his status.
If you have no idea what Im talking about, I strongly recommend you to take a look at this video: https://www.youtube.com/watch?v=0d7cIfiydAc
The whole subject is too long for a stackoverflow answer.
Contact me if you still have any doubts.
We are removing User, User Group and Permission models from our backend in favor of Auth0.
Our first idea was to just delete User, Group and Permission tables from DB and replace related foreign keys with varchar field. In this field we would then enter IDs that we get from Auth0 in JWT (pointing to something not present in our DB).
Is this good approach? I somehow feel that there must be more "relational" way of doing this.
Generally OAuth will not do all of the permission checks for you. Instead it gives you general mechanisms to sign the user in and issue + validate tokens.
In most real world architectures you also need to manage a second level of authorization in your back end - using domain specific user data for roles, permissions etc.
A couple of write ups of mine may help:
User Data Management
API Authorization
Auth0 Community Manager Dan here,
In this scenario you may be able to leverage the RBAC to replace your existing users/groups/permissions setup.
You would register a user's roles and the associated permissions of each role in the Auth0 dashboard or programmatically via the management API. Then you can setup a rule to add user roles to the token.
To connect this user to your existing user data store you can store the Auth0 id, similarly to how you have described.
This allows you to lookup the user when the token is received, and to associate any permissions or roles the user has. You can make roles API-specific by adding a prefix to the role, or have roles be general depending on your needs.
I have my own login form for my website. In addition I have also added google and facebook login.
My question is should I add those user data that's login from (fb or google) into my own userdata table or create a different one each for google and facebook.
1) If I add to my existing one, the password column would be left blank(as fb do not provide one) and anyone who knows the email will be able to access it easily.
2) And if I make different table then I think it will become little complicated or slower when trying to access a user data from across the different table.
What's the best choice of doing it or any other method that's better than this?
Make sure users have to enter a password when they login with Facebook/Google, or make sure regular users do not use a blank password - users without a password can only login with the Facebook/Google API.
DonĀ“t create a separate table, it will only get more complicated. Extend the existing one with IDs (from Facebook and Google).
I have a requirement for hierarchical user management system
where I have 3 hierarchies:
User
Manager
Admin
Now, Admin should be able to get a list as well as edit registrations with role 'User' as well as those with role 'Manager'.
'Manger' should be able to get a list of of registrations with role 'Users' and should be able to edit them.
I had thought of proceeding like:
router.get('/:role',auth.isAuthenticated(),auth.hasRole('admin'), users.findByRole);
where hasRole defines the minimum level of role required to access/edit the data.
However, I do not want a Manager to be able to get the List of admins or edit the list of admins.
It should have access to users list only.
This links suggests using bitwise operatorsbut I am pretty confused with the idea of integrating this piece of code with backend i.e saving and retrieving data from mongo db . Can I please get some pointers?
Look at this project: https://github.com/arthurkao/angular-drywall
This is good MEAN-stack based web app template with user management.