search

Giveth / impact-graph

MIT License
47 stars 17 forks source link

Multi level account architecture draft #766

Open mohammadranjbarz opened 1 year ago

mohammadranjbarz commented 1 year ago

https://forum.giveth.io/t/multi-level-account-and-improving-the-user-flows-for-all-users/844

mohammadranjbarz commented 1 year ago

After talking with @MoeNick I suggest this draft and love to hear feedbacks from @aminlatifi and @CarlosQ96

Impact-graph

Entities

user_connected_accounts

Create this table name type required description
service string yes email, linkedin, twitter, google
uniqueId integer yes some permanent unique thing like id or email address
username integer no unique but not permanent because users can change their usernames in twitter, linkedin, ...
createdAt Date yes
userId integer yes one to one relation
metadata object no Depends on what data return by each service ( twitter and linkedin return different metadata)

wallet_address

Create this table name type required description
address string yes something like 0x2CF9444f69E4A394ecAc42bf2C6d7F91F646Ba0D
provider string yes metamask, torus, ...
isMain boolean true Each user can have only one main wallet address and unlimited non-main wallet addresses
createdAt Date yes
userId integer yes many to one relation
network integer yes Wallet address signed with which network first time of login(1,5,100,...)

User

Web services

Create user if not exist

Should implement a webservice for create user_connected_accounts record and authentication microservice will call it, so if a user login with social accounts in authentication microservice that would call impact-graph and here we create a record for that if not exists

Get user info

when authentication micro service wants to issue a token call this webservice and user's data then put more payload in JWT token ( for instance user login with email but microservice can get wallet address and userId and put them in JWT)

Send OTP to their email

For users that want to verify their emails that are in their profile in imapct-graph db like what we have in adding email in verification form

Verifying email OTP

User send the email's OTP and if it's correct we verify their email

Authentication microservice

Web services

Get oauth2 auth link

This is a GET API that users can call it and get an auth link based on their selected social network

Implement callback webhook for each service

For instance one for LinkedIn, and one for twitter, ...

Token structure changes

Should call impact-graph get user info web service and put more data in JWT payload, then frontend can decide better to show what flow to user based on token's payload

Notification-center

I don't have idea about it yet, now we work with wallet address, but we should decide what we want to do, maybe we should work based on userId so then doesn't matter user logged in with what wallet address we can show them all notifications, it's not clear for me yet, need to discuss with @MoeNick more about it

CarlosQ96 commented 1 year ago

  1. I agree with the data model, in the wallet_address I don't think the network is important if they can switch easily. (unless it's a network dependent wallet).

  2. Add the updatedAt to all models.

  3. The notification center is quite complex, because as we said, we work with the addresss because the authentication microservice works with the address. If we use the impactgraph userid, the notificationcenter will be coupled to the impactgraph. We should have a meeting to decide this. Especially because users with only social media login, cant use the notification center. And we would also need to group them in the notification center to know they are the same person.

CarlosQ96 commented 1 year ago

We would need also to add a createAddress if not exist or is taken service. The scenario is: The person logs in with social media, and then proceeds to connect a new wallet that is not in it's list.