What are your thoughts of separate
What are your thoughts of separate databases? I have a users table in an auth database, but user-owned resources are in product-specific databases, making foreign key references impossible. 😦 Should I cave and put the tables in the same database so that I can have foreign keys on user IDs, or should I keep a separation of concerns to decrease the blast radius of a security incident?
2 Replies
It sounds like you are using one db as an auth provider, maybe you should handle it as one, like an oauth thingy if you know what i mean.
maybe have one worker that other workers can access to authenticate and authorize an user, and just store the ID like you currently have.
so no worker, besides the auth provider, has direct access to the database, and then you have stricter access control
my own personal opinion: if you have a security incident with D1, it'll be because your account got compromised, and they'll have access to your databases either way - I wouldn't shard DBs in the interest of security, but rather for the ability to have 10GB of storage per customer