Hey guys.
I’m looking for the best way to implement authorization using not single table but a few of them.
Imagine we have quite different user entities to save them in a single table.
For example:
superAdmin - can do everyting
cashier - can create and operate only with separate part of the site, manage his own orders etc
partner - can see the referals of his links, etc
I guess it would be not very good to save them in the single table cause many fields would be unrelated to the different kind of users. For example cashier’s office address field or map code would be inappropriate for admin or partner.
So how to put things together?
The only solution that pops up is to create a cross table like auth_users
which would be like
id_global | extra_user_id | login | password | user_type
where id_global would be unique id over the all tables and would be used in IdentityInterface implementation as getId(). And then depending on user type I would get the extra info from appropriate table?
Do you have a better solution?
auth_users
id_global | extra_user_id | login | password | user_type
1 | 5 | adm_login |admin
2 | 6 | cashier1 |cashier
3 | 5 | partner2 |partner
admins
id | email | ips_mask
5 | email@email.com | 192...*
cashiers
id | map_url
6 | xxxxx
partners
id | slug
5 | partner_slug
But maybe there is the way when I keep login/pwd in each table and then try to be authorized as each user and if any user type matches the input credentials then auth fails.
Very interesting in your thoughts.