authentication-zero icon indicating copy to clipboard operation
authentication-zero copied to clipboard
verified publisher icon lazaronixon

User has many identities

Open brunoprietog opened this issue 3 years ago • 1 comments

Hi, Is it possible to consider the option that a user has more accounts associated? For example, that can log in with his Facebook, Google or Apple account. There would have to be an extra table that has provider, uid, and user_id. What do you think? Thanks!

brunoprietog avatar Mar 02 '22 23:03 brunoprietog

Hum… It is reasonable, I can implement it some day, but I need create a test infrastructure first 1 - User 2 - Account - User 3 - Account - Identity - User

lazaronixon avatar Mar 03 '22 00:03 lazaronixon

I think this would really be a nice addition. When multiple providers are currently use, it can lead to issues because while the provider/uuid is unique, the email is already in use. Also, I think is a rather common scenario to add multiple providers (and users forgetting which one they used).

I think it would be a good solution to add an extra model as suggested. I took the liberty to fork the repo and made an example on how this could work here: https://github.com/reinventit/authentication-zero

Would be happy to contribute to the project and work on a PR.

reinventit avatar Dec 02 '22 16:12 reinventit

Hum… It is reasonable, I can implement it some day, but I need create a test infrastructure first 1 - User 2 - Account - User 3 - Account - Identity - User

@lazaronixon I don't know if using Account is what we really want. In Basecamp, for example, Account represents an account that can have many people (Person). Each person has a personable_type that can be User. This User is the one that could have many identities, so that it can log in with Apple or Google, for example. The user is the one who is authenticated, not the account. What do you think?

brunoprietog avatar Dec 02 '22 16:12 brunoprietog

@brunoprietog I agree 100%. While we all know naming is the hardest part... In the fork I have used a 1-to-many to a table named 'authorizations' that contain the provider/uuid combinations.

reinventit avatar Dec 02 '22 17:12 reinventit

So... this would be the second situation that I've proposed... Account - User...

1 - User 2 - Account - User 3 - Account - Identity - User

lazaronixon avatar Dec 02 '22 17:12 lazaronixon

@reinventit I like that modeling, although personally I think identities makes more sense to the name of that extra table. Authorizations I feel is a concept related to the actions a user is authorized to do, such as read/write permissions.

brunoprietog avatar Dec 02 '22 17:12 brunoprietog

It could be something simpler like:

class User < ApplicationRecord
  has_many :identities
end

class Identity < ApplicationRecord
  belongs_to :user
  # id, provider, uid, user_id
end

brunoprietog avatar Dec 02 '22 17:12 brunoprietog

Yeah, maybe... let's see after rails 7.1, there are some features I want to add, then we can work on that.

lazaronixon avatar Dec 02 '22 17:12 lazaronixon

As mentioned in the inviting users issue, I'd be happy to share how I accomplished this. Particularly since these two concepts are so tightly related.

kylekeesling avatar Dec 18 '22 23:12 kylekeesling

Just for reference how to implement multiple providers https://github.com/omniauth/omniauth/wiki/managing-multiple-providers

lazaronixon avatar Dec 21 '22 05:12 lazaronixon