search

volatiletech / authboss

The boss of http auth.
MIT License
3.81k stars 207 forks source link

Postgres and Gorm struct tags / DB columns and indexes definition #209

Open frederikhors opened 5 years ago

frederikhors commented 5 years ago

Issue opened for the creation of a wiki page that summarizes the doubts and problems for newbies (https://github.com/volatiletech/authboss/issues/210).

I'm using authboss with Gorm and Postgresql.

I think we miss detailed instructions on how to set up DB columns and indexes.

Starting simply, what do you think about:

type User struct {
    ID int //but using Gorm you can use: gorm.Model (http://gorm.io/docs/models.html)

    // Non-authboss related field
    Name string

    // Auth
    Email    string `gorm:"type:varchar(100);unique_index"`
    Password string

        // from here I need help:

    // Confirm
    ConfirmSelector string
    ConfirmVerifier string
    Confirmed       bool

    // Lock
    AttemptCount int
    LastAttempt  time.Time
    Locked       time.Time

    // Recover
    RecoverSelector    string
    RecoverVerifier    string
    RecoverTokenExpiry time.Time

    // OAuth2
    OAuth2UID          string
    OAuth2Provider     string
    OAuth2AccessToken  string
    OAuth2RefreshToken string
    OAuth2Expiry       time.Time

    // 2fa
    TOTPSecretKey      string
    SMSPhoneNumber     string
    SMSSeedPhoneNumber string
    RecoveryCodes      string

    // Remember is in another table
}

And what about remember table?

aarondl commented 5 years ago

Authboss makes no presumptions about your database. It only requires you to implement the storers as required and persist that data however you like. You may be saving it to a file serializing with JSON, or using google cloud storage. Therefore I don't think this kind of documentation belongs in Authboss or it's sample as we'd have to be committed to having all databases have some documentation which isn't feasible.

I think it's better to simply add documentation surrounding what a schema might look like (database agnostic) with the list of all the columns/tables and types involved.

I'm specifically (and unjustly and unfairly) completely against any Gorm related documentation as I'm the creator of https://github.com/volatiletech/sqlboiler and I don't want to proliferate gorm anymore than it already has been, it's not a good solution to databases in Go and it performs extremely poorly as well (see benchmarks at bottom of sqlboiler readme).

ghost commented 5 years ago

sqlboiler is way better than GORM is so many ways IMHO.

@aarondl I wonder if its worth adding a formal drivers package, with sqlboiler as the default. Maybe we can then use the golang teams go-cloud also.

https://github.com/google/go-cloud

https://github.com/google/go-cloud/tree/master/postgres

aarondl commented 5 years ago

I'm not opposed to this. It was originally intended to go this way anyway.

ghost commented 5 years ago

@aarondl I hope it does go that way. +1 from me.