Good Practices - Custom Auth (default table) VS. Defining Own Auth Tables (for different user level)
106 views
Skip to first unread message
Jon M.
Feb 19, 2015, 11:57:32 AM2/19/15
to web...@googlegroups.com
Peaceful Greetings Web2Py Group!
In my first glances of practicing and implementing this awesome framework, came across with some doubts with the authorization topic.
In general database, server and services good practices, hand to hand with security, What do you think that is the best? (based on experience with hardcore data transmissions)
Customize the 'user_table' so the Auth library can do it's job done, adding fields and have all almighty admins, mid-admins of certain realms, and users of the different realms that are in the server, distinguished but stored in the same 'user_table'
Or, split that table, so each one out of 3 can have its own table.
I'm learning DBs on the way too, sorry if the question level bothers anyone. Kinda new in production environments... I know that it might be some answer out there, but I wonder about actual epoch IT solutions and experiences, having in mind the possible future scenarios. It's kinda scary to me, but awesome and challenging at the same time.
Thanks a lot for your attention! :D
Nice day | afternoon | night!
In my first glances of practicing and implementing this awesome framework, came across with some doubts with the authorization topic.
In general database, server and services good practices, hand to hand with security, What do you think that is the best? (based on experience with hardcore data transmissions)
Customize the 'user_table' so the Auth library can do it's job done, adding fields and have all almighty admins, mid-admins of certain realms, and users of the different realms that are in the server, distinguished but stored in the same 'user_table'
Or, split that table, so each one out of 3 can have its own table.
I'm learning DBs on the way too, sorry if the question level bothers anyone. Kinda new in production environments... I know that it might be some answer out there, but I wonder about actual epoch IT solutions and experiences, having in mind the possible future scenarios. It's kinda scary to me, but awesome and challenging at the same time.
Thanks a lot for your attention! :D
Nice day | afternoon | night!
Massimo Di Pierro
Feb 19, 2015, 11:15:26 PM2/19/15
to web...@googlegroups.com
I would never recommend splitting auth_user in multiple tables. It just makes everything else more complex. Moreover the roles you describe are not always exclusive and therefore you may end up with duplication of data.
Jon M.
Feb 28, 2015, 8:07:03 AM2/28/15
to web...@googlegroups.com
Currently working only with the 'auth_user' table, and I must say that I works like expected. Following the advices from Mr. Di Pierro, won't make any split of types of users or something like that, and will keep working and improving the use of this table and database in general. Thanks a lot!!! :D
Ron Chatterjee
Jan 29, 2016, 4:58:10 PM1/29/16
to web...@googlegroups.com
Is there an example of how to split the auth_user in two tables that allows people to sign up using the same way but allowing in creating two profiles (lets say one for seller and one as a buyer)? In other words a user can have only a buyers profile or a seller profile or same person can be both (like ebay). Anyone did something like that?
For example:
auth.settings.extra_fields['auth_user'] = [
Field('name', type='list:string', requires=IS_IN_SET (('Buyer','Seller'), multiple=True))]
Now a profile specific to seller and one for buyer. I am assuming it has to be a many to many relationship.
Marcelo Theodoro
Jan 29, 2016, 5:37:02 PM1/29/16
to web2py-users
See [1].
I'm working on a project that needs seller/buyer logins, where the seller needs to input information about the store and the buyer must provide and address. But instead of be using the auth_user table to store that information, I'm using db.store and db.address, and then after the user(seller/buyer) sign up he is redirected to a controller that provides a form to input the address/store. The good part about his method is to be possible to have more than one address and more than one store by the same user.
I'm working on a project that needs seller/buyer logins, where the seller needs to input information about the store and the buyer must provide and address. But instead of be using the auth_user table to store that information, I'm using db.store and db.address, and then after the user(seller/buyer) sign up he is redirected to a controller that provides a form to input the address/store. The good part about his method is to be possible to have more than one address and more than one store by the same user.
Em sex, 29 de jan de 2016 às 19:58, Ron Chatterjee <achatte...@gmail.com> escreveu:
Is there an example of how to split the auth_user in two tables that allows people to sign up using the same way but allowing in creating two profiles (lets say one for seller and one as a buyer)? Anyone did something like that?
On Saturday, February 28, 2015 at 8:07:03 AM UTC-5, Jon M. wrote:Currently working only with the 'auth_user' table, and I must say that I works like expected. Following the advices from Mr. Di Pierro, won't make any split of types of users or something like that, and will keep working and improving the use of this table and database in general. Thanks a lot!!! :D
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to web2py+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Ron Chatterjee
Jan 29, 2016, 5:53:50 PM1/29/16
to web...@googlegroups.com
Were anyone able to get this stack flow to work?
Reply all
Reply to author
Forward
0 new messages