Coding to handle Admins + Auth Records #4569
Unanswered
VictorioBerra
asked this question in
Q&A
Replies: 1 comment 2 replies
-
They are 2 separate entities because it makes the internals easier to work with. Note that API rules doesn't apply for admins and they can access and do everything (including deleting other admins). There are plans to convert the admins into a special system auth collection (aka. the admin model will be |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
The concept that an Admin and Auth Record cause me a lot of confusion. Why are they separate things entirely?
It adds a lot of extra work if we have to code PB as a framework to handle if someone wants to login as an admin, or an auth record for example:
We have to handle
findAdminByToken
andfindAuthRecordByToken
and a bunch of other APIs that handle admins VS auth records.If they were the same, or at least abstracted to a single API there would be a LOT less code to handle.
I am considering in my app to NOT let the admin login, and instead they can create a regular user account and then gain some role through some other mechanism just to prevent juggling 2 sets of cookies, 2 APIs, mapping two different kinds of users throughout the system.
Beta Was this translation helpful? Give feedback.
All reactions