Best approach to limit free users
I am building an app with the T3 stack, so I have all the bells and whistles that it provides, including NextAuth
I am getting ready to open the application for beta users, but I would like to limit their actions. I've already implemented a
role that I leverage to display admin-only components on the UI.
The thing is that I would like to limit the amount of information the user is able to save into the database. I was checking out shadcn Taxonomy demo project (https://github.com/shadcn-ui/taxonomy/blob/main/app/api/posts/route.ts) and it seems to me that I should add a check for every route that I want to limit the user.
Is this the best approach or there is something more "centralized" that will allow us to implement such feature?5 Replies
checking it closely, the demo app of shadcn does not uses tRPC and instead leverages the RSC (as supposed by the scope of the app 😊) making db queries right in the page.
The thing is that he handles the response right in the handler funcition with the
fetch request.
https://github.com/shadcn-ui/taxonomy/blob/main/components/post-create-button.tsx#L36-L50
How could I build the same logic with React Query? I'll have the error variable returned right?You seem to mix authorization with authentication (NextAuth) and request processing (tRPC, fetch, ...).
On page load and periodically every x minutes, request a user's information. Then adjust the UI accordingly. On the backend, when the user makes a request, validate that the user has the correct rights to perform said action. If he is a free user and exceeded his limits, return an error.
Am I missing something?
Yup, I am definitely mixing those two 😂
mmm tbh while the user visit the platform I don't have needs to "lock" anything he sees, because at the end these are "his stuff".
but is upon a specific action that I want to limit his power.
If we take a ToDo List app as an example, I want that free users only have 5 items and they cannot create a new item if they already have 5 in their list. They'll need to complete/delete one or pay the subscription.
my last point was that I am not a master in request processing and I was wondering how to leverage the error I'll receive from my API when user will click the "Create new task" button and already has 5 items.
But probably this is more because I haven't wrote a single line of code yet.
If you have any article/tutorial/codebase that you can share with me I'll be incredibly grateful
Seems like a pretty basic use-case. All you need is a function which checks if the user can create another todo item. If he can't hide the form in the UI and show a message to upgrade the account. On the backend return an error in case he tries to create an item nevertheless.
I'm not sure where you're stuck so it's hard to recommend something specific.
Just get started. Write a few lines. When you're stuck, reach out.
Learning by doing. Only way to learn to code.
ehehehehehe you're totally right and thanks for the support, I'll reach out later in case I face some issues or want to say "mission accomplished" 😅