I'm working on a project in Laravel for learning the framework.
I create a basic register/login and after that I customize the register part.
What am I planning to achieve is the point where an user can act in multiple roles.
For example:
user1 can be normal user and administrator(with special access to the application) at the same time.
How should I design this from database point of view ?
Personally, I wouldn't create another "user" type entity for companies, but add another table for company data and connect it to a user. That way you are able to keep the default registration and login process.
If you wanted a slightly different form to register companies, I'd add another route & form to gather the "user" information as well as "company" information (company name, phone, fax, etc). Then when the registration is processed you can create the user entity, along with the company relationship with the given information.
However, if you still wanted to create completely different entities with login/registration flows, you'd have to build your own User Providers and implement the contracts needed.
Related
I'm new to Laravel framework.
I have a little experience with other web frameworks, especially Django web framework.
I need to create a web application with users AND companies registration support.
I've setup the user auth/registration with laravel jetstream.
The user registration form is ok for a normal user, but for agency registration the user need to put other details that are not needed for a normal user. These data are mandatory for an agency but not for a normal user.
I thought to edit the laravel User model and add all the extra fields required for agency registration (as optional in the Model), and the Jetstram registration view to include extra fields and a field to distinguish between User and Agency. If the user select "Agency" (in the registration form) I can show extra (required) fields through Javascript. Obviously I need also a kind of backend validation.
In django framework there is a clean method (in forms and models) that performs an Object level validation, so I can do a thing like this:
def clean(self):
cleaned_data = super().clean()
my_extrafield_1 = cleaned_data['my_extrafield_1']
my_extrafield_2 = cleaned_data['my_extrafield_2']
if (userType == "agency") and not (my_extrafield_1 and my_extrafield_2):
raise forms.ValidationError('You have selected "Agency registration" but some required fields have not been provided!')
How I can do the same thing with Laravel Jetstream?
And, is this the correct way to achieve my goal?
Scenario
I am working on a multitenant solution in yii2 following the Multi-Tenant Strategy walkthrough.
Currently, I have separated concerns for the tenants. Let's call tenants "organizations". Organizations are able to view only their data.
I am currently trying to make a signup for users under organizations. In order for the user to signup under an organization, normally, it would have to select which organization it's signing up under. If I use a dropdown, this would mean every incoming user would know all organizations using this solution which I do not want.
Question
How do I make a user signup under his/her organization automatically without having to select the organization?
What do I need to put in place to achieve this?
What I tried
Using a dropdown to select the organization: I dropped this idea for reasons listed above
Having each organization use a give a code to their users. This would work for the organization's employees, not for the organizations clients as they cannot possibly know all their clients beforehand.
I have based my multi-tenant application on the fact that tenancy selective element are associated to the user.
In my case during the sign-on phase an administrator assign which organisation ( or organisations) are available for this user..
Then if the user is assigned at one only organisation the multi-tenancy configuration is directly assigned by application otherwise, if the user is related to more organisations, after login in a combo are provided only the proper organisations for the user.
In the case of client organisation tipically is provided a sign-in for each organisation or a subsequent invite by admin or by app to access to other organisation .. depending of the kind or organisation are related to the client
I am new to CakePHP, planning to develop a marketplace website using CakePHP. Four types of users will use this website.
1. Anonymous
2. Administrator
3. Service Provider
4. Service Seeker
Can i use ACL plugin to develop the website. OR should i store these users in different tables and use this technique? CakePHP 2.x Auth with Two Separate Logins
Kinldy guide me which technique to use with it's structure.
Here, ACL will be the best solution. You don't have to manage anything manually. You only have to implement ACL successfully, that's it.
Having separate logins is against KISS and doesn't make much sense in any case. The only difference for example between a frontend and backend login is usually the view. Nothing else. If you have different user types they will still have a single login. Even if their data differs this should be abstracted by having one table that deals with the accounts (users) and another that is associated and contains the data (User hasOne FooProfile, User hasOne BarProfile). The association to the data or profile type table can be done on the fly after login depending on the user type.
ACL is relativly complicated and can become slow. Depending on the requirements I would evaluate role based access as well. I've written an easy to use RBAC adapter for CakePHP. See the test case to get an idea how it works. Basically you just have to define a map for the roles. By default the users table needs a field roleit can contain a single role or a comma separated list of roles. You can even have a table with roles but then need to generate that comma separated list, because thats what the adapter is expecting.
I have these tables in the database :
user:
- email
- lastname
- firstname
- password
userType1:
- fkUser
- specialCol1
- specialCol2
userType2:
- fkUser
- specialCol1
- specialCol2
I've made the Symfony2 authentification service working with user table but i want to store in the session (or in other place manage by the authentication) the associated object: userType1 or userType2.
Futhermore, i want to redirect the user to its account depending on his type.
So my questions :
How to make treatement after submitting authentification form ? (to determine which type of user it is)
How to tell to Symfony to manage an other object (the user type) in the authentification context ?
Have a look at the cookbook-entry How to load Security Users from the Database. The sections "Authenticating Someone with a Custom Entity Provider" and "Managing Roles in the Database" might be helpful.
I had a similar problem with an authentication-procedure where a User and their Tenant-memberships were required. I built a custom provider which basically looks like the one from the cookbook. When serializing the User I only use certain field (id, username, email) and the rest of the data is fetched via the provider's refreshUser(), where again the User and their relationships are fetched via QueryBuilder. I had the problem, that when serializing the User in the session, the relationships were "lost" otherwise and I had to refetch the User all the time.
After that it's basically what #BenjaminPaap wrote. You retrieve the user as described in the documentation and get the user types, etc.
If you want to redirect the user to a certain target depending on their userType, you might want to look at "How to create a custom UserProvider". The Listener provides everything you need to redirect the user according to their type right after login.
hi im trying to grasp cake(been thrown in to the deep end, without much help and tutorials seem to be a little scarce)
My question is we have three different types of users - business, businessUser, individual, we have created a table,model and controller for each three of the users. Is it possible to create one login page when using three types of controllers or do we need to combine everything into one controller and go from there?
sorry for such a beginner question but at this point I'm getting kind of desperate.
business - has many businessusers btw
Sounds like your models need a bit of tweeking. I'd suggest the following schema:
users table (User model)
- Contains information shared by all user types (name, password, etc.)
business table (Business model)
- Contains information unique to a business
business_users (BusinessUser)
- Contains information unique to a business user
individuals (Individual)
- Contains information unique to an individual (can this be combined with the User model?)
Now, you can link them up like this:
User hasOne Business
User hasOne BusinessUser
User hasOne Individual
Business belongsTo User
BusinessUser belongsTo User
Individual belongsToUse
A business would be defined as a User with an associate Business model, etc.
You could create three separate logins, if they are three completely different systems that will never share data or need to interact.
But it would probably be a better idea to rework your thinking.
User hasMany UserGroups.
UserGroup - id, role (e.g. BusinessUser, Individual). This approach allows you to extend should you ever need to without creating new controllers for different roles. It does depend really on what you are trying to achieve with these "user groups".
Handle the login in your user controller, and then depending on the user group, control access accordingly.
Or even just give the user a role, and again, depending on role, control access.
The cookbook offers a similar example