Account Types - janko/rodauth-rails GitHub Wiki

When using multiple Rodauth configurations, you can differentiate types of account records in the database either by using separate tables, or by storing the account type in a shared table.

Shared tables

By default, different Rodauth configurations will use the same database tables. To differentiate types of accounts in the database, you can create a custom column on the accounts table to store the account type:

# in a migration:
add_column :accounts, :type, :string, null: false, default: "main"

If you're using Active Record, you'll need to disable single-table inheritance for the account model, since it will try to use the type column by default (or you can use a different column name, e.g. kind):

# app/models/account.rb
class Account < ApplicationRecord
  self.inheritance_column = nil # free up the "type" column
  # ...
end

In your shared Rodauth configuration, you can then fill the account type on account creation, and constrain account retrieval only to accounts belonging to the current configuration:

# app/misc/rodauth_base.rb
class RodauthBase < Rodauth::Rails::Auth
  configure do
    # ...
    before_create_account { account[:type] = account_type }
  end

  private

  def account_table_ds
    super.where(type: account_type)
  end

  def account_type
    self.class.configuration_name&.to_s || "main"
  end
end

# app/misc/rodauth_main.rb
class RodauthMain < RodauthBase
  # uses "main" account type
end

# app/misc/rodauth_admin.rb
class RodauthAdmin < RodauthBase
  # uses "admin" account type
end

# app/misc/rodauth_app.rb
class RodauthApp < Rodauth::Rails::App
  configure RodauthMain
  configure RodauthAdmin, :admin
  # ...
end

Dedicated tables

If you want a secondary Rodauth configuration to use its own database tables, you'll need to create them manually:

# in a migration:
create_table :admins do ... end
create_table :admin_verification_keys do ... end
# ...
create_table :admin_active_session_keys do |t|
  t.references :admin, foreign_key: true # creates "admin_id" column
  # ...
end
# ...

And then tell Rodauth to use the new tables, along with any updated foreign key column names:

class RodauthAdmin < Rodauth::Rails::Auth
  configure do
    accounts_table :admins
    password_hash_table :admin_password_hashes # if using database authentication functions
    verify_account_table :admin_verification_keys
    verify_login_change_table :admin_login_change_keys
    reset_password_table :admin_password_reset_keys
    remember_table :admin_remember_keys
    # email_auth_table :admin_email_auth_keys
    # otp_keys_table :admin_otp_keys
    # sms_codes_table :admin_sms_codes
    # recovery_codes_table :admin_recovery_codes
    # webauthn_keys_table :admin_webauthn_keys
    # webauthn_user_ids_table :admin_webauthn_user_ids
    # account_login_failures_table :admin_login_failures
    # account_lockouts_table :admin_lockouts
    # active_sessions_table :admin_active_session_keys
    # account_activity_table :admin_activity_times
    # password_expiration_table :admin_password_change_times
    # single_session_table :admin_session_keys
    # audit_logging_table :admin_authentication_audit_logs
    # previous_password_hash_table :admin_previous_password_hashes
    # jwt_refresh_token_table :admin_jwt_refresh_keys

    # active_sessions_account_id_column :admin_id
    # audit_logging_account_id_column :admin_id
    # webauthn_keys_account_id_column :admin_id
    # previous_password_account_id_column :admin_id
    # jwt_refresh_token_account_id_column :admin_id
  end
end