dan6erbond
07/11/2022, 7:08 AMrp_st
07/11/2022, 7:09 AMrp_st
07/11/2022, 7:10 AMrp_st
07/11/2022, 7:10 AMdan6erbond
07/11/2022, 7:13 AMrp_st
07/11/2022, 7:14 AMrp_st
07/11/2022, 7:14 AMrp_st
07/11/2022, 7:15 AMdan6erbond
07/11/2022, 7:21 AMThirdPartyEmailPassword
recipe is a huge amount of boilerplate code to setup, but if I only have to initialize that in the backend that handles sign-up/sign-in it will make things much easier!
> Creation of the tables happens on core start. The recipes are initialised so that the SDK knows which APIs to expose from the middleware
Oh, gotcha. Interesting. Then another question: How can I find out which APIs the middleware does expose? Those might be useful to ensure as much as possible happens over the main authentication server.
> What does groups really mean? We have users which can be mapped to an array of roles, and each role can be mapped to an array of permissions. So where does groups fit into this?
Well, in a standard directory like LDAP you have groups which could be tenants, organizational units, etc. while roles correspond more to the user's function within that unit. As I mentioned I've already solved the issue somewhat by using the UserMetadata
recipe to store the user's group, but it would be nice if that was part of the UserRoles
recipe as that seems to be handling the user directory overall.
Additionally, I'm not sure what the technical limitations exactly are, but being able to query users by UserMetadata
fields I feel would be an awesome addition, and at least in MongoDB and PostgreSQL that should be possible. I know SuperTokens also supports MySQL, so it might require a solution where MySQL reduces performance, but for querying users by certain value I'd find that extremely useful.rp_st
07/11/2022, 7:27 AMdan6erbond
07/11/2022, 7:31 AMdan6erbond
07/11/2022, 7:32 AMdan6erbond
07/11/2022, 7:32 AMdan6erbond
07/11/2022, 7:33 AMdan6erbond
07/11/2022, 7:33 AMrp_st
07/11/2022, 7:34 AMrp_st
07/11/2022, 7:34 AM