Multi Tenant Architecture - PostgreSQL Row Level Security (RLS) Questions

I’m hoping I can beg a little advice from one or more of the Wappler users here.

I’m trying to create a proof of concept in Wappler of a multi tenant database system, and while I’ve got something that works I have a strong feeling that it could be better.

Goal: using PostgreSQL, create a system where Users can register for a site and create data for their account, and for that data to be completely discrete from other people potentially using the same website and system and creating their own data.

I’ll add the important note here that I am not (yet) a backend developer, so I don’t have the experience or skill to just know this stuff.

I’m not after a hand holding either though, perhaps just a push in the right direction.

Anyway, here’s what I have:

I recently ran through the entirety of @Hyperbytes Wappler 5 tutorial, and found this an amazing resource, one I can’t recommend highly enough for any Wappler beginner.

Based loosely on that tutorial I have created a process where:

If you’re wondering at this point why I bothered with the Account ID, it’s because at some point the User can invite other Users, so they would access the same data and share the same Account ID.

And very simply that’s kind of what I have - and it works, it does what I hoped it would do. The obvious limitations are administrative - every API call needs to have a condition to check the identity and the account ID of the logged in user and filter data accordingly - if I get one wrong, or leave one out, then the system breaks down and Users lose all confidence.

What I’m wondering is - what would I have done if I was a backend developer? What would best (or better) practice be? Am I missing a trick here in my ignorance, where I’m making this much more difficult than I need to?

Is there a way to integrate the row-level security of PostgreSQL in Wappler? And is it something that can be managed from Wappler? This RLS concept comes up a lot in my research, and has been mentioned on the forum before by @JonL, but there’s nothing about its usage or setup.

Any tips, pointers, examples or advice from anyone would be greatly appreciated.
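For reference, an added example (not part of the original post, and not Wappler's own code) of the PostgreSQL side of row-level security: the per-call account filter described above becomes one policy on the table, so a query that forgets its condition returns nothing instead of another account's rows. The table names, the `app_user` role and the `app.account_id` setting are assumptions, and how the application sets that value per request is not covered by the post.

```sql
-- Constructed schema: accounts and notes are hypothetical table names.
CREATE TABLE accounts (
    id   bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    name text NOT NULL
);
CREATE TABLE notes (
    id         bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    account_id bigint NOT NULL REFERENCES accounts (id),
    body       text NOT NULL
);
INSERT INTO accounts (name) VALUES ('Tenant A'), ('Tenant B');  -- constructed sample data

-- The application connects as a role that does not own the tables.
-- Table owners skip RLS unless FORCE is set; superusers and BYPASSRLS roles always skip it.
CREATE ROLE app_user LOGIN;  -- hypothetical role; set its password out of band
GRANT SELECT, INSERT, UPDATE, DELETE ON notes TO app_user;

ALTER TABLE notes ENABLE ROW LEVEL SECURITY;
ALTER TABLE notes FORCE ROW LEVEL SECURITY;

-- app.account_id is an assumed custom setting holding the logged-in user's account.
-- current_setting(..., true) returns NULL when it is unset, and NULLIF covers the
-- empty string left behind after a transaction-local value expires, so a request
-- with no tenant context matches no rows (fails closed).
CREATE POLICY tenant_isolation ON notes
    USING      (account_id = NULLIF(current_setting('app.account_id', true), '')::bigint)
    WITH CHECK (account_id = NULLIF(current_setting('app.account_id', true), '')::bigint);

-- Per request, as app_user, after the login check has resolved the account id:
BEGIN;
-- Third argument true = transaction-local, so a pooled connection does not
-- carry one tenant's id into the next request.
SELECT set_config('app.account_id', '1', true);

INSERT INTO notes (account_id, body) VALUES (1, 'visible to account 1 only');
SELECT id, body FROM notes;   -- no WHERE clause; only account 1 rows come back

-- This would be rejected by WITH CHECK (row violates row-level security policy):
-- INSERT INTO notes (account_id, body) VALUES (2, 'cross-tenant write');
COMMIT;
```

The account id passed to `set_config` has to come from the server-side session of the authenticated user, never from a request parameter, otherwise the policy enforces whatever the caller claims.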
