Open sephnescence opened 1 month ago
A thought with authentication servers in mind. We have the choice of making them sign up on a global site, or on an already provisioned site, e.g.
If a user signs up from say localhost/register, the authentication server can emit an event to the schema provisioning service, which emits an event back to the authentication server to let it know what tenant that username belongs to. To kind of cover up the time it takes to do this, just do the typical email verification step - it's good security practice anyways. I believe locally there's a mailtrap interface.
The new schema can have the same name as the user's uuid or something. Will be pretty clean for handling GDPR as we can just delete the schema. However, it means that we'll have to take care of authenticating a user when we don't necessarily know which tenant they are in. Do we have the application server emit an event to the authentication server saying that this username belongs to this tenant? So when the user logs in, the authentication server knows which tenant they are?
This should be hooked up with Event Bridge etc.
I haven't started coding anything yet, but I've got a few thoughts on the matter
.localhost I believe is a domain that you can run nova on without requiring a license. Not that this is a problem for me because I own a fallback license, so it should continue to work in October and beyond.