C
C#4mo ago
sile9t

The good way to store user info

I'm making a web app for apartment reservation and i have those models: user, apartment(has fk user), reservationDate(pk is date+apartmentId, fks: user, who reserved this date, and occupancy, to what associates this date), occupancy(fks: reservedBy, apartment, and collection of reserved dates). First I display apartments list that fits to the requested date range (in the service I filter query to get apartments with requested dates in 'empty' state). When user choose an apartment from apartments list and then hits reserve button, I want to create a new occupancy instance and change dates states to 'reserved' (there only 2 states: 'empty' and 'reserved') and add wire this occupancy to user. So, how should I store user info? Should I store only id and where?
14 Replies
Angius
Angius4mo ago
Not 100% sure what you're asking about But I think the answer is "just use a foreign key to user"
sile9t
sile9tOP4mo ago
But what about case, when I want to display all user's apartments? I need to input user id to get all apartments which has 'owner' field (User type).
Angius
Angius4mo ago
Yeah Or you could enter the user name Or whatever else
sile9t
sile9tOP4mo ago
Man, I don't want to input guid id every time when I want to display my apartments, occupancies, my profile details and so on. Or there no way, and I have to receive the id to frontend by cookie or token, or inject it to the page?
Angius
Angius4mo ago
Ah, you want some account system? Where user logs in and sees all their stuff and their stuff only?
sile9t
sile9tOP4mo ago
I already injected identity. I have auth service, where I have private User field and public method to get it from another service (I'm not sure, is it safe to do like that?), and controller. I have profile controller where I want to display all user details. User have to register before reserving an apartment.
Angius
Angius4mo ago
So where's the issue? You can get the ID of the currently logged-in user at any time Just fetch the reservations or whatever by that
sile9t
sile9tOP4mo ago
Is it safe to receive user id?
Angius
Angius4mo ago
Where from? From Identity? User.FindFirst(ClaimTypes.NameIdentifier)? Yes, why would it not be?
sile9t
sile9tOP4mo ago
Ok, is it safe to store user id in the token? I read that store sensitive info in the token is bad decision.
Angius
Angius4mo ago
How is user ID sensitive?
sile9t
sile9tOP4mo ago
U can get all user info by it. Or that doesn't matter?
Angius
Angius4mo ago
If you allow for that to happen, sure If you have some API endpoint or whatever that takes user ID and just spits out all their data, yeah But why would you have that?
sile9t
sile9tOP4mo ago
I wouldn't I guess. Sorry for that mess, english not my native language Thx a lot
Want results from more Discord servers?
Add your server