Authenticate different sets of users

FJP H Member

Hi there,

I am trying to make a sign-up and login for (for example) customers and staff. I want to separate the users by using two tables with auth enabled: table customers and table staff.

What would in general be the approach in Xano and WeWeb, where I am planning to use the Xano Auth plugin and the generated sign-up and login forms, and preferably use a single login page?

- Can I add the WeWeb Xano Auth plugin 2 times, or should I use the REST API plugin?

- How to distinguish the user type (customer vs staff) on sign-up? Should I just use two different sign-up pages or add an extra input variable (sign up as ... customer or staff)? Can I also sign up without directly retrieving a token? The user should log in first.

- How to use a single login page: should I expand the function stack of the login endpoint, by first searching for the user in table customers and, if not found, searching table staff?

Thanks for help.

Answers

  • Pawel Magdanski Member ✭✭✭

    Hi,

    I don't know the specifics of your projects but did you consider using one user table for both types with general information like password, email, name, etc, and separate related tables for type-specific fields?

    This way you can deal with the common things like sign-up, sign-in, and password-reset only once.

  • FJP H Member

    I considered that, but I was triggered by the Xano docs on having multiple auth tables to strictly separate user types. And while experimenting with RBAC using WeWeb as front-end, I got a bit stuck defining the best approach. I am now a bit more aware of how the Xano Auth plugin works under the hood with respect to private pages, basically referring to only a single auth setup (auth/signup, auth/login, auth/me).

  • quentindty Member

    Hey, Q from WeWeb here 👋

    I would strongly recommend having only one user table, and setting a column with their permissions/type (to know if the user is a customer or a staff).

    It's impossible to have 2 auth plugins in a WeWeb app, and it's not best practice at all, as it could screw up your auth cookies/tokens.
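
The single-table approach recommended in this thread, as an added sketch that is not code from the thread, Xano or WeWeb: plain Node.js with an in-memory store, where every function and field name is hypothetical. It shows one login for all user types, a sign-up that returns no token and ignores any client-supplied role, and role checks that read the role from the user table on each request.

```javascript
// Added illustration: plain Node.js, in-memory store; all names are hypothetical.
const crypto = require("node:crypto");

const users = new Map();    // the single user table, keyed by email
const sessions = new Map(); // opaque session token -> email
const ROLES = new Set(["customer", "staff"]);

function hashPassword(password, salt = crypto.randomBytes(16)) {
  return { salt, hash: crypto.scryptSync(password, salt, 32) };
}

// Public sign-up: a "role" field sent by the client is never read.
// No token is returned, so the user has to log in afterwards.
function signUp({ email, password }) {
  if (users.has(email)) throw new Error("email already registered");
  users.set(email, { email, role: "customer", ...hashPassword(password) });
  return { email };
}

// One login endpoint for every user type.
function login({ email, password }) {
  const user = users.get(email);
  // Hash even for unknown emails so both failure paths do similar work.
  const { hash } = hashPassword(password, user ? user.salt : Buffer.alloc(16));
  if (!user || !crypto.timingSafeEqual(hash, user.hash)) throw new Error("invalid credentials");
  const token = crypto.randomBytes(32).toString("hex");
  sessions.set(token, email);
  return { token };
}

// The role comes from the table on every request, never from client input.
function currentUser(token) {
  const user = users.get(sessions.get(token));
  if (!user) throw new Error("unauthenticated");
  return { email: user.email, role: user.role };
}

function requireRole(token, role) {
  const user = currentUser(token);
  if (user.role !== role) throw new Error("forbidden");
  return user;
}

// Only an authenticated staff member can change someone's role.
function setRole(token, targetEmail, role) {
  requireRole(token, "staff");
  if (!ROLES.has(role) || !users.has(targetEmail)) throw new Error("invalid request");
  users.get(targetEmail).role = role;
}
```

The first staff account has to be seeded outside the public sign-up path, for example directly in the database.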