Hello everyone! I have a general question about Su...
# general
d
Hello everyone! I have a general question about SuperTokens, I like the idea of using it as an authentication server for my fairly large architecture with multiple services, but I'll also need the flexibility which I'm not sure it has. I'm wondering if those will be easy features to add or not, so in your experience, is SuperTokens easy to integrate with? https://supertokens.com/docs/thirdpartyemailpassword/advanced-customizations/apis-override/usage

One example I have is that I want to expose some LDAP functions using LDAP.js and allow access to SuperTokens users, I will also use the new UserRoles recipe to get the LDAP functionality SuperTokens provides: https://supertokens.com/docs/nodejs/modules/recipe_userroles.html

Furthermore, it would be great, if I could have more direct control over SuperTokens, for instance I want to create a certain user type with preset fields if they're coming from a specific tool, which means I could either override SuperTokens hooks, or what I would prefer to do is call a custom API method like `POST /auth/<user-type>` and then call a function from SuperTokens SDK to create that user: https://supertokens.com/docs/nodejs/modules/recipe_thirdpartyemailpassword.html#emailPasswordSignUp-1

Is this a good way to go about it?

Also, how much data is recommended to be stored with the UserMetadata recipe? Should it only be for very simple structs or can I use SuperTokens to handle business data such as a paid subscription or personal data? https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/usermetadata/about
r
hey @Dan6erbond
> One example I have is that I want to expose some LDAP functions using LDAP.js and allow access to SuperTokens users, I will also use the new UserRoles recipe to get the LDAP functionality SuperTokens provides:

I'm not too familiar with ldap.js, but our backend SDKs do provide functions like signIn, signUp etc. which you can use with ldap.js it seems.

> Furthermore, it would be great, if I could have more direct control over SuperTokens, for instance I want to create a certain user type with preset fields if they're coming from a specific tool, which means I could either override SuperTokens hooks, or what I would prefer to do is call a custom API method like POST /auth/ and then call a function from SuperTokens SDK to create that user:

This makes sense. I would recommend that you override the predefined APIs, and can add the custom fields to the usermetadata post sign up.

> Also, how much data is recommended to be stored with the UserMetadata recipe?

In the DB, it's just a TEXT column. So you can store quite a bit. Keep in mind though that each time you query for the metadata, you get back the whole object.

> Should it only be for very simple structs or can I use SuperTokens to handle business data such as a paid subscription or personal data?

It can be used for anything, as long as you want to query it based on userId first. So for example, if you are storing a user's subscription in it, the only way you can resolve queries like "give me all users who have subscribed", is to loop through all users and check their metadata. So for complex stuff, we recommend that you store that info in your own DB.
d
Thanks so much for your amazing response! This helps a lot!

> I'm not too familiar with ldap.js, but our backend SDKs do provide functions like signIn, signUp etc. which you can use with ldap.js it seems.

Yeah, I figured this as well. Given that the SDK exposes these methods, I guess it will be alright to leverage it like this as well?

> This makes sense. I would recommend that you override the predefined APIs, and can add the custom fields to the usermetadata post sign up.

So since my use-case is (most likely) to create the user through another authorized user, in an internal system, I don't think the sign up flow per se will be the way I can go because I will not be creating any sessions or so yet. I figured that's why the `ThirdPartyEmailPassword.emailPasswordSignUp()` would be the way to go?

> In the DB, it's just a TEXT column. So you can store quite a bit. Keep in mind though that each time you query for the metadata, you get back the whole object.

Got it, so I can store a lot, but probably shouldn't use it for too much complex data if I want to be able to query and such later. Makes sense.

> It can be used for anything, as long as you want to query it based on userId first. So for example, if you are storing a user's subscription in it, the only way you can resolve queries like "give me all users who have subscribed", is to loop through all users and check their metadata. So for complex stuff, we recommend that you store that info in your own DB.

Perfect, thanks! Then it'll probably be combined with a separate DB for more complex stuff, but I think subscriptions can be handled in SuperTokens because I'll only be doing those kinds of queries for analysis, which won't be often. 😉
r
> Yeah, I figured this as well. Given that the SDK exposes these methods, I guess it will be alright to leverage it like this as well?

Yea. It would be.

> So since my use-case is (most likely) to create the user through another authorized user, in an internal system, I don't think the sign up flow per se will be the way I can go because I will not be creating any sessions or so yet. I figured that's why the

Ah right. Fair. In this case, be sure to validate the input, for example, check that the input email has the right format etc.

You can also disable creation of a session in our default APIs, by overriding the `createNewSession` function in the Session.init to return an empty session like so: https://github.com/supertokens/supertokens-auth-react/blob/master/examples/with-no-session-on-sign-up-thirdpartyemailpassword/api-server/index.js#L88
d
Oh, I see. That's awesome! Depending on all the data I have from the request then I might leverage those features as well! This is great! Hopefully SuperTokens has all the features I need, as it looks like so far I'll be able to customize it for my use-case. Thanks a lot!
r
Yup! Feel free to ask more questions here