How can I make model CUSTOMER be authenticable in the same way model USER is?


#1

Hello.

Adonis works with JWT authentication with one model (User). But I need a way to use it with another model (Customer).

The use case:

I am creating a system for discounts and coupons… It is used both in the browser and on mobile, works in a multitenant way, and AdonisJS is used to provide the whole API.

So if a restaurant owner wants to add a discount offer for his Monday dinners, he must be authenticated as a user of this restaurant… this point is fine. It has rules and permissions for that for the model User and, of course, JWT authentication for the User model too.

But tomorrow, he can be a Customer of a shoe store, and need to use my app on his mobile device to get his coupon. So I need to make him authenticate as a Customer, not as a user… And in the same scenarios I want to use email as the uid… and of course, a different route to do that… all mobile access on my API has a prefix mob.

The question:

How can I implement multi-model authentication?

The Laravel framework for PHP provides an easy way to implement it by extending the Authenticatable class… and I need to make something like this.


#2

I’ve seen this GitHub issue: https://github.com/adonisjs/adonis-auth/issues/121 about using more than one model to implement authentication. But I don’t understand how to do the complement.

I use JWT auth with the refresh token strategy. So the tokens table is related to users by its FK: user_id… Do I need to create a new table to relate it with my customers table, or do I just need to add a new foreign key customer_id on the tokens table and relate them?


#3

Why not just use roles and ACL for this type of work?
Or you can specify the user role on sign-up, kinda the user chooses which type of account he wants to create, an owner or a customer. The only caveat: the user will have to use different emails.
Or you may create a profile model that will keep data about the user and its state, so when a user signs up, he can create multiple different profiles (owner, user) and act on their behalf. You will have to keep in the session which profile is being used at the moment.


#4

Because I’m using roles and permissions for Users in some scopes… I have a tenant (Partner) that has Admin/Normal users… I have Companies (stores, shops, clinics, labs, doctors, cinema, etc.) and the registered companies have Admin/Normal users too… so I just have a lot of roles/permissions/contexts…

And I have the Customer… Customers can buy products/services in each of the companies… so… a User in one company is a customer in another… a user in one Partner can be a customer in another Partner (different city) and company in this other city… And all authentications are with email and password only.

So I think it’s more legible to isolate customers in another authentication container… and not just give them a new role…

In short…

I have a multitenant structure with one Partner per city, and each partner/city has a lot of Companies signed up… Partners and Companies have users with different roles, and all users have email & password as auth credentials.

Any person 18+ years old can use the app and can buy products and/or services in any company in different cities (1 city = 1 partner)…


#5

Also interested in separating auth for admins only logging in as admin in “backend” and customers only logging in as customers in “frontend”.

Couldn’t find any easy solution so please share if you find one.


#6

Peter, as I said before, I believe the solution is here: https://github.com/adonisjs/adonis-auth/issues/121 but I miss the whole package because of the refresh token strategy (tokens table)… how can I implement these relationships for other tables?
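
An added example, not part of the thread and not AdonisJS's own API: a plain Node.js sketch of what "a separate authentication container" for User and Customer has to guarantee, namely that a token or refresh token issued by one guard is never accepted by the other, even when user id 7 and customer id 7 both exist. `makeGuard`, the guard names, the secrets and the per-guard refresh store (standing in for a separate tokens table per model) are assumptions for illustration; token expiry is left out.

```javascript
// Added illustration in plain Node.js; hypothetical names, not the AdonisJS auth API.
const crypto = require('node:crypto')

const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url')
const mac = (data, secret) =>
  crypto.createHmac('sha256', secret).update(data).digest('base64url')

// One guard per authenticable model: its own signing secret and its own
// refresh-token store (stands in for one tokens table per model).
function makeGuard (name, secret) {
  const refreshTokens = new Map() // refresh token -> account id

  function issue (accountId) {
    const body = `${b64({ alg: 'HS256', typ: 'JWT' })}.${b64({ uid: accountId, guard: name })}`
    const refreshToken = crypto.randomBytes(16).toString('hex')
    refreshTokens.set(refreshToken, accountId)
    return { token: `${body}.${mac(body, secret)}`, refreshToken }
  }

  function verify (token) {
    const [header, payload, signature] = String(token).split('.')
    if (!header || !payload || !signature) return null
    const expected = Buffer.from(mac(`${header}.${payload}`, secret))
    const given = Buffer.from(signature)
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null
    const claims = JSON.parse(Buffer.from(payload, 'base64url').toString())
    // Even with a valid signature, refuse tokens minted for another guard.
    return claims.guard === name ? claims : null
  }

  function refresh (refreshToken) {
    if (!refreshTokens.has(refreshToken)) return null
    const accountId = refreshTokens.get(refreshToken)
    refreshTokens.delete(refreshToken) // single use: rotate on every refresh
    return issue(accountId)
  }

  return { issue, verify, refresh }
}

// Constructed secrets and ids for the demonstration.
const userGuard = makeGuard('user', 'constructed-user-secret')
const customerGuard = makeGuard('customer', 'constructed-customer-secret')
const customerSession = customerGuard.issue(7) // customer 7 logs in on a mob route
```

If both models share one tokens table instead, every refresh lookup has to be scoped by the owning model, otherwise `user_id = 7` and `customer_id = 7` become interchangeable.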