Comments (3)
Should we really need to have a user table in our own db?
https://auth0.com/docs/users/concepts/overview-user-profile
from tottem.
Some takeways from my first researches:
-
Indeed, Auth0 seems to be easily handling unique usernames when signing up to the app (I have turned it on and it works fine)
-
That being said, there is no out-of-the-box integration with Social providers (i.e. Google) for usernames (https://community.auth0.com/t/ensuring-unique-username-across-different-connections/6656) and it doesn't seem feasible without pluging the connection workflow to an internal DB
-
Moreover, signing up with a social provider and then creating an account with the same email will create 2 separate users. Merging identical accounts would have to be also done on our side (https://auth0.com/docs/link-accounts)
-
When connecting through Google, the auth screen will always display "Choose an account to continue to auth0.com" unless the app gets "verified" by Google (https://stackoverflow.com/questions/44138213/google-oauth-consent-screen-not-showing-app-logo-and-name). This could take some time (up to 6 weeks according to them) but I can request a validation in the meantime.
-
And last but not least, because we are not using a custom email provider, this makes the "verify your account email" not very user-friendly:
I thus propose:
- Dropping the google connection for now, but still request authorization for the OAuth app in the meantime
- Disabling the "verify your account" email for now, until we setup a proper email provider (in a different issue)
- Users will only be able to sign up using a unique email / username combination
from tottem.
Do you mean that asking for username is not allowed when sign-in with Social providers?
Using a third-party (that could be very expensive) "just" for username / password sign-in without email confirmation might be overkill so ๐
I may miss the point, I did not get into auth0 documentation. I've just read this https://auth0.com/docs/users/concepts/overview-progressive-profiling
In my first impression we might want to do something like :
- Basic / fast sign-up (email password, โ or even without password, social providers)
- Once logged-in, asking for for information in our own app
- Using User Auth0 API to manage user data additional data
But, I've just ready on User Auth0 API that user can only be retrieved by an automatic generated user_id
https://auth0.com/docs/api/management/v2#!/Users/get_users_by_id :/
It means that:
- User API should not be used to store profile related information. I think we should have a Profile table. As you probably suggest first?
from tottem.
Related Issues (20)
- How to separate logic when updating Apollo cache that used as global store?
- Having to click "more" on mobile to see the rest of the collection is not intuitive enough HOT 1
- database HOT 5
- Design bug: A bit more horizontal padding needed on mobile
- Auth0 config help? HOT 3
- Auth0 help?
- Replacing auth0 with next-auth
- Setup React Helmet HOT 1
- Setup simple Auth0 authentification HOT 1
- Backend should be secured with Auth0
- Images should be stored and retrieve from proper CDN
- Images should be lazy loaded & optimized HOT 4
- Build collection page
- Migrate to Ant design HOT 1
- Unknown profile should return 404 not 500
- Add logo to header
- Section should be page to ease navigation and sharing
- Landing should be in french
- Add Franรงois profile HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tottem.