Implement minimal user management

compose-us-research / noqueue

ITC1 Hackathon

https://platzhalter.io

MIT License

2 stars 1 forks source link

Implement minimal user management #7

Open bergos opened 4 years ago

bergos commented 4 years ago

A minimal user management should be implement to distinguish shop owners/employees and operators.

The following roles will be used and can be set with a flag in the user table:

operator: The operator/host of the instance.
admin: Owners or employees of the shop.

A token will be used for authentication. The token URL should be also available on the user page as a QR Code to transfer it to other people.

Only the operator can update tokens.

bergos commented 4 years ago

Maybe it's better to give the operator user/password as an env variable to the application. This allows to set everything during application deployment and doesn't require any setup code in the application.

Narigo commented 4 years ago

Since we are setting up the instances for the shops ourselves, this could make sense, yes. Registering a shop needs to send us an email though and updating it would need that user/password combination...

Narigo commented 4 years ago

We need a user flow to make this available. Where should a user / operator / admin login? Does it make sense to show the "Register new shop" at all?