Feature: Multi-User Support

Question

Feature: Multi-User Support

crono opened this issue 5 years ago · 5 comments

Hi,

is support for multiple users on one installation something you would consider? I would like to host a Flox instance for my friends and family, each which his own watchlist and rankings.

Answer 1 · 2020-01-08T15:49:59.000Z

Hey,

unfortunately the structure of the code is not very advantageous for a multi user implementation. There would be ways to implement it (@exane had a nice idea), but I don't really have time right now.

Answer 2 · 2020-01-08T18:24:26.000Z

If nobody is working on it (or at least has it on the roadmap), I would like to give it a shot. Can you point me to @exanes idea?

Answer 3 · 2020-01-09T23:16:43.000Z

The rough idea is to work with subdomains. This would probably be easier than adjusting the routing in the frontend.

https://laravel.com/docs/6.x/routing#route-group-subdomain-routing

The goal would be that every user can access Flox via the following structure: username.flox.domain. This would still allow someone to view data of other users in the Flox instance (maybe with a setting to deny access if you are not logged in as that user on the subdomain).

However, I haven't any experience with it (and also how to create dynamic subdomains on the webserver).

There is unfortunately a lot to consider:

The queries for the settings from the settings table are currently always retrieved by first(). A relation for the user would have to be made.
In the app.blade.php we access Auth::check(). There should be an exact check (am I logged in as the user on the subdomain?).
A user management would have to be built (to create/delete users). And only the "admin" should have access to it.
What happens if you call Flox without a subdomain (flox.domain)? Will there be an automatic forwarding?
- If the user is logged in -> redirect to his subdomain.
- If the user is not logged in -> show a list of all users or redirect to the admin subdomain or redirect to a login page.
Probably more things I don't have in my head.

Answer 4 · 2020-01-10T15:40:34.000Z

I see... Subdomains per user would be great, but you are right, there are a lot of details to be considered...

Creating dynamic Subdomains can be achived by setting a wildcard DNS record. This works on my shared host with Apache (see http://flox.a14r.de/ and http://someusername.flox.a14r.de/).

However, I see a few tradeoffs with this method:

You have to change DNS settings. A lot of shared host users can not change the DNS settings, and so cannot run a multi-user installation. On the other hand, they can always create the subdomain manual by hand (and I think most shared-host user wil have only a few users at most).
I can't use Let's Encryt SSL Certs on Wildcard Subdomains (this can be a limitation by my hoster)

But I think it is better than change all the routing in the Frontend :-)

Answer 5 · 2021-10-29T20:40:13.000Z

Closed because i will be completely redeveloping Flox and will try to implement multi users.