In this article, we will look at how the AppMaster.io no-code platform handles data access for application users.

It does so by introducing roles such as Users, Moderators, and Admins, along with other requirements. This gives you more flexibility and lets you control access to information and functionality inside the built application.

The article will be useful to anyone who wants to dive into the functionality of the AppMaster.io platform and see its capabilities in terms of settings for accessing data by roles.

Module Auth by AppMaster.io

Registration in an application assembled on our platform is handled by the Auth module, which lets you create and edit user groups and their access rights. The Auth module is preinstalled in every project when it is created.


Available Auth module settings:

SignUp Groups — list of user groups that can register;

SignUp — includes the ability to register in the application;

Session timeout (minutes) — the time after which the current user session will end if the User is idle (in minutes). The default is 60 minutes;

Failed login delay (in ms) — delay time for a server response in case of an unsuccessful login attempt (in ms). The default is 0 ms;

Email confirmation required — an option that involves verification via email if enabled;

Signed-Up User Active — sets the active attribute to True for each registered User.

Groups — allows you to create and edit user groups.

AppMaster.io uses the Data Model Designer to work with models.

User and User Session are two models automatically created in the Data Model Designer. Preinstalled data model fields cannot be modified or deleted, but new ones can be added.


For these models, blocks of business processes (BP) are also automatically created.

Auto-generated BPs associated with User and User Sessions

  • User Model

DB: Delete User — delete object User from the database via ID;


DB: Update User — resets all fields of the User-object block passed to the input in the database and updates them in accordance with the specified values (to change only the specified fields, the DB: Patch User block is used);


DB: Create User — stores in the database and returns the given User object (to build it from the given fields, use the Make User block);


DB: Soft Delete User — updates the DeletedAt attribute on the User object and leaves it in the database;


DB: Bulk Delete User — takes as input an array of IDs (ids) of User objects that will be deleted from the database; 
failed_ids — an array of user IDs that will not be deleted;


DB: Patch User — updates the specified fields of the User object in the database (to reset all fields, use the DB: Update User block);


DB: Search User — finds one or more User objects in the database based on fields and returns them;


DB: GetOne User — finds the User object in the database by its ID and returns it;


Expand User — returns all fields of the selected User object;


Make User — creates a new User object in memory from the given fields and returns it (to save the created object in the database, use the DB: Create User block);


  • User Session Model

DB: Delete User Session — removes the User Session object from the database by the passed ID;


DB: Update User Session — resets all fields of the User Session object passed to the input block in the database and updates them in accordance with the specified values (to change only the specified fields, use DB: Patch User Session);


DB: Create User Session — stores in the database and returns the given User Session object (to build it from the given fields, use the Make User Session block);


DB: Soft Delete User Session — updates the DeletedAt attribute of the User Session object and leaves it in the database;


DB: Bulk Delete User Session — accepts as input a set of IDs of User Session objects that will be deleted from the database;
failed_ids — the array defines the set of IDs that will not be removed;


DB: Patch User Session — updates the specified fields of the User Session object in the database (to reset all fields, use the DB: Update User Session block);


DB: Search User Session — finds one or more User Session objects in the database based on fields and returns them;


DB: GetOne User Session — finds the User Session object in the database by its ID and returns it;


Expand User Session — returns all fields of the selected User Session object;


Make User Session — creates a new User Session object in memory from the given fields and returns it (to save the created object in the database, use the DB: Create User Session block);


  • Auth Module

Auth: Generate Auth Token — generates an authorization token (Auth Token) of a given length;


Auth: Registration — registers a new user;


Auth: Authorization — checks if the Auth Token exists in the system and returns the user associated with it;


Auth: Authentification — checks the user's login and password and returns an Auth Token;


Auth: Logout — accepts an Auth Token and terminates the current user session;


Auth: Get current user — returns the data of the current user;


Auth: Remove user from the group — removes a user from the specified group by his ID (defined in the settings of the Auth module);


Auth: Add user to the group — adds a user to the specified user group by its ID (defined in the Auth module settings);


Auth: Hash Password — converts a password string to a hash;


Auth: Restore Password — accepts the username and new password of the user, thereby resetting it;


Auth: Change Password — replaces the current user password with a new one;


Auth: Probe Password — verifies that a password matches a hash;


The Endpoints of the Auth Module and the User and User Session models are automatically generated when the project is created.

Auth Module

| Request type | Endpoint | Connected BP |
|---|---|---|
| POST | /logout/ | Auth: Logout |
| POST | /auth/ | Auth: Authentification |
| POST | /register/ | Auth: Registration |
| GET | /confirm/ | Auth: Registration |
| PUT | /user/change-password | Auth: Change Password |
| POST | /user/restore-password/ | Auth: Restore Password |
| GET | /user/profile/ | Auth: Authorization |

User

| Request type | Endpoint | Connected BP |
|---|---|---|
| PUT | /user/:id/ | DB: Update User |
| DELETE | /user/:id/ | DB: Delete User |
| GET | /user/:id/ | DB: GetOne User |
| GET | /user/ | DB: Search User |
| PATCH | /user/:id | DB: Patch User |
| POST | /user/ | DB: Create User |

User Session

| Request type | Endpoint | Connected BP |
|---|---|---|
| DELETE | /user-session/:id/ | DB: Delete User Session |
| GET | /user-session/:id/ | DB: GetOne User Session |
| GET | /user-session/ | DB: Search User Session |
| PATCH | /user-session/:id/ | DB: Patch User Session |
| POST | /user-session/ | DB: Create User Session |
| PUT | /user-session/:id/ | DB: Update User Session |

Auth Token is used as the current session token of the authorized User. In the web application BP, it is possible to interact with this token:

  1. Get Auth Token returns the Auth Token of the current authenticated user session;
  2. Set Auth Token overwrites the Auth Token of the current session of the authorized user;
  3. Remove Auth Token deletes the Auth Token of the current session of the authorized user.

The following example shows how to get the current user.

To do this, go to the Business logic tab and drag in the Auth: Get current user block.

Next, create an Endpoint for this BP; it will be used to contact the server to get the current User's object.

Select the user group in the Endpoints section and create a GET request method for the newly created process to get the current User.

In the web application BP, make a request to the created endpoint (Server request GET /user_current) to get the current user.

Groups and Permissions

User groups are created in the settings of the Auth module. To go to the module settings, you need to open the Modules section and click on the card of the corresponding module.

The Groups tab contains a list of all existing groups. Click Add a new element to create a new User group. In the new modal window, you can customize the group, add a description, icon, icon and label color, and tag.


To edit existing user groups, you also need to go to the settings of the Auth module. To do this, go to the Modules section and click on the card of the corresponding module. The Groups tab then shows the list of groups; to edit a group, click on its settings icon. In the new modal window, you can customize the group, change its description, icon, icon and label color, and tag.


To change the rights of reading/writing entries in the database for certain user groups, the Middleware of the Auth module is used.

In the Endpoints section, select the Endpoint whose read/write permissions you want to change. Click on the settings button in the desired Endpoint and go to the Middleware tab in the modal window that opens. Next, by clicking on Edit settings in the line with Token Auth Middleware, set up access rights.

Access to pages in the web application

To restrict access to a page, go to the web application and click on the Settings button of the page you want to restrict access to.

In the Show for groups field, you must select a list of user groups that will be allowed to view this page. By default, the field is empty, and access is allowed to all categories of users.
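An added example (not AppMaster.io code or output): a short Python review of the two access settings described above. It flags auto-generated User and User Session CRUD endpoints that are reachable beyond an admin group, and pages whose Show for groups list is empty. The settings dictionaries, the group names and the admin-only policy are constructed assumptions; the platform's own storage or export format is not shown on this page.

```python
# Added example, not AppMaster.io code. ENDPOINTS and PAGES are constructed
# sample data; paths follow the endpoint tables above, group names are assumed.
import re

# (method, path) -> groups allowed by Token Auth Middleware.
# None models an endpoint with no group restriction configured (assumption).
ENDPOINTS = {
    ("POST", "/auth/"): None,
    ("POST", "/register/"): None,
    ("GET", "/user/profile/"): ["Users", "Moderators", "Admins"],
    ("GET", "/user/"): ["Users", "Admins"],
    ("DELETE", "/user/:id/"): ["Moderators", "Admins"],
    ("PATCH", "/user/:id"): ["Admins"],
    ("POST", "/user-session/"): None,
    ("GET", "/user-session/:id/"): ["Admins"],
}

# page name -> "Show for groups" value; an empty list means visible to everyone.
PAGES = {"Dashboard": ["Users", "Admins"], "User management": []}

# Matches only the raw CRUD routes of the User and User Session models,
# not self-service routes such as /user/profile/ or /user/change-password.
CRUD = re.compile(r"^/(user|user-session)/(:id/?)?$")


def review_endpoints(endpoints, admin_groups=frozenset({"Admins"})):
    """Return (method, path, reason) for CRUD endpoints open beyond admins."""
    findings = []
    for (method, path), groups in sorted(endpoints.items()):
        if not CRUD.match(path):
            continue
        if groups is None:
            findings.append((method, path, "no group restriction"))
        elif not set(groups) <= admin_groups:
            extra = sorted(set(groups) - admin_groups)
            findings.append((method, path, "open to " + ", ".join(extra)))
    return findings


def review_pages(pages):
    """Return pages whose empty 'Show for groups' leaves them open to all."""
    return sorted(name for name, groups in pages.items() if not groups)


if __name__ == "__main__":
    for finding in review_endpoints(ENDPOINTS):
        print("endpoint:", *finding)
    for page in review_pages(PAGES):
        print("page visible to all groups:", page)
```
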


Conclusion

Access to data by roles is a convenient way to organize information flows for specific groups of users. With the no-code platform AppMaster.io, you can test this feature in a trial.

If you're impressed with the functionality, get our Professional plan, which includes this feature as well as binary file export, regular backups, project transfers, and much more. We are waiting for you on the AppMaster.io platform to implement even your most daring projects.