ā Noob setting up a Database for a school project.
So if we imagine you're tasked with setting up a Database.
There'll be a table called
USER:
And within that there's:
Id
Name
Username
Password
Telephone (Phone verification)
Email (Email Verification)
Interests.
The Email/Username and Password are login parameters.
Should one store them in the same Table as User? I'm looking at using Azure to store the Database (using MySQL, never used this before)
How would you store the Email/Username and Password in a secure manner?
ALSO: Would SSO need its own table structure? I'm looking into that as well but in the future.
34 Replies
You wouldn't store the password, you would store a passwordhash
The username (or email, I'd you can log in by email) must be plaintext, no way around that
I'd also strongly urge you to not use MySql
Mssql or Postgres are both much much better alternatives
Oh right, we're hashing the password as well. And that's a good shout
And for azure, mssql (aka SQL server) is the default
so the thing is; we're doing a school project where we're simulating a full on company.
I'm in the Backend team; We have a Frontend team, UX and DevOPS.
The DevOPS requested us to use MySQL for some reason.
Tell them they are idiots :p
But sure, if that's their call then go with it
It won't stop you, just be annoying
Hahaha, i've only been using MSSQL so thats what i'd prefer. But if it's that much of a hassle; I guess i'll raise this tomorrow with them š®
Once again, thanks a ton @Pobiega š
MySQL is largely considered deprecated in the tech world
It's just not competitive from any angle with the alternatives available
i understand; according to what i've been told "If you can use MySQL it would make our jobs much easier"
Id recommend reading up on something called
argon2 for your password hashingI've never used it before; So i've been more or less trying it.
It's a state-of-the-art algorithm which is easy to use
We already have a Password Hashing system; But that fell on one of my classmates
Ok
That's fine
I believe he used a finished Nuget package.
How are you communicating with the database? Ado.net? Dapper? EF core?
EFCore all the way
Ok. Another reason to avoid MySQL
The pomodoro connector for ef is okay, but the "official" one is a mess
I looked into it; And been trying "Pomelo"
While mssql and npgsql are both š
That might be the one
Yeah; I've used MSSQL everytime and it hasnt let me down once
š
I'd also recommend doing Code first with EF, if you can
Db first is harder to handle migrations imho
That's definitely how we're doing it š® We havent decided on which parameters to use yet
Wdym?
Like, the columns within the table and how we're going to structure it hasnt been decided yet š® I was just looking into creating a basic structure
i believe the reason the DevOPS asked us to use MySQL (and dont quote me on this)
Right. Well that should all be up to your team
Is because they'll be using Python(?)
DevOps should only care about deployment/ monitoring
I'm not fully aware about how DevOPS people work
tbh
It's not like you can't connect to Postgres or mssql from python lol
I doubt there will be major differences for them either way
I get that; I've sent a message to my fellow classmates so we can rethink our MySQL choices XD
I can assure you that DevOps in any org I've ever worked for don't get to dictate tech choice. That's the dev team, or maybe CTO
They ofc decide for their own stuff
Like between nomad or k8
Yeah i was also under that impression; But it was a wish from their department.
I was mostly in on the idea because it meant i could learn a new thing and add it to my skillset; As MySQL isnt in our Curriculum
but if it makes it more annoying with little to no benefit
I should probably just stick with MSSQL
its not very different when it comes to the basics, it just has insane defaults and missing some more advanced features
and if you were gonna use EFCore, you wouldnt notice the differences anyways š
Okay that's good at least hahaha; Honestly it shouldnt be way too in depth. I just see this as an opportunity to learn something new.
Thanks once again for the help @Pobiega š