Back
Appwrite Auth for Role Based Access Control (RBAC)
Hey everyone!
I am looking for authentication access mechanisms for my web app (We're currently using Next-auth for login). We have multiple defined roles for our customers who can access our platform. We want to define different access levels on our app based on these roles. (I want fine-grained access levels in my application for each user. )
- Can I use Appwrite Auth to perform this function?
- Do I need to make separate API calls to my Appwrite backend everytime to check what type of access does each user have?
- Can I use 2FA using Google Authenticator (or other MFA apps) to authenticate user using Appwrite?
- If I add 4 different files in my storage bucket, and want to give access to different people of different files, how can I do it? Do I define separate API keys for each user?
Our current solution: We have a database in Appwrite storing all the details about each user and their access permissions. Everytime a user logs into our web app (using next-auth), we check if the user is present in our db and then render web app according to his permissions. Is there a better way to store more granular info about each user?
Thanks in advance!
TL;DR
- Developer looking to implement role-based access control (RBAC) in their web app
- Wants to know if Appwrite Auth can be used for this purpose
- Questions about making separate API calls for checking user access levels, using 2FA with Appwrite, and granting access to specific files in the storage bucket
- Current solution involves storing user details and permissions in an Appwrite database and checking permissions upon login
- Looking for a better way to store granular information about each user