Supplemented Authentication and Sign Up

2 posts, 0 answers
  1. Kelly
    Kelly avatar
    73 posts
    Member since:
    Apr 2011

    Posted 16 Dec 2013 Link to this post

    Hello,
    I want to change how my users are registered and authenticated, to consider another field called Organization.  Effectively, I want to allow users to register by invitation only.

    Specifically, when a user registers, I will make them supply their email address, a password, and an Organization string that I will give them on paper before registering. I do not want the user to be able to register unless that Organization is found in my Everlive database in a table of Organizations that I maintain.  The Organization string used to register would be the Id of an item in that table.

    I added an Organization field to my Users table and added a Relation field (single) pointing to the Organizations table. I find that there don't seem to be any database consistency rules applied to Relation fields when adding records, as is my experience with other relational databases, such as SQL.

    I think I am misunderstanding and misusing the Relation, so here are my questions:

    1) Is enforcing membership in an Organization something I will have to do in Cloud Code - and if so, can it be done?
    2) Are Relation fields useful outside of Queries?
    3) The documentation says a Relation is for storing "the pointer to an Id of an external type." Yet, I seem to be able to store any string in a Relation field. What am I missing?

    Sincere gratitude,

    Kelly
  2. Anton Dobrev
    Admin
    Anton Dobrev avatar
    539 posts

    Posted 18 Dec 2013 Link to this post

    Hello Kelly,

     1. Yes, it can be done in the Cloud code using the JavaScript SDK, which is available there.

    The most appropriate way is to plug some code before creation(registration) of a user. You can check if the string provided by the client corresponds to an existing organization in the ‘Organizations’ content type. If no such organization exists, you can cancel the request and return an error.

     All this can be done in the 'beforeCreate' event in the 'Users' cloud code area:

    Everlive.Events.beforeCreate(function(request, context, done) {
        var organizationId = request.data.OrganizationId;
       
        Everlive.Sdk.$.data('Organizations').getById(organizationId,
            function(error, data) {
                if (error) {
                    Everlive.Response.setErrorResult('There is no such organization', 100001, 403);
                }
              done();
            });
    });
    If the organization is not found from the cloud code, you will go in the "if(error)' part. You can see there how you can return a custom error to the client. It will be recognized as an error from the SDK. You will be able to check that it is the "organization not found" error by checking the error code. In the sample above 100001 is used for error code, but you can select your own integer value.
    Also, it would be useful to extend the ‘User’ object model in your project with a property like ‘OrganizationId’ of type GUID so you can use it in further scenarios or in the aforementioned check upon user registration.

    Inherit the Telerik.Everlive.Sdk.Core.Model.System.User and add property:

    private Guid organizationId;
     
    public Guid OrganizationId
    {
            get { return organizationId; }
            set { this.SetProperty(ref this.organizationId, value, "OrganizationId"); }
    }

    Use the derived class whenever in your code you are working with the 'Users'.

    In the ‘Users’ content type in Everlive’s portal add 'OrganizationId' field of type 'Relation' to 'Organizations'. Please note that this is not obligatory, the value will be saved anyway.

     2. We are planning to add some features in Everlive concerning the ‘relation’ field that allow programmers to expand the related items or to enforce their data integrity based on the relations.

     3. Currently, these fields add the possibility to see in the data browser the related items as links, but they do not follow the foreign key consistency rules like in a traditional SQL database. You can also use a field with type string. However, it is important to have in mind the upcoming features when designing the data model.

    We hope that this answers your questions.

    In case of any other questions do not hesitate to contact us.

    Best regards,
    Anton Dobrev
    Telerik

    Explore the entire Telerik portfolio by downloading Telerik DevCraft Ultimate.

Back to Top