by cryptonector 387 days ago
Sounds really good. Your vision is excellent, and I admire it and your work.

BTW, it's very important to get the details of authentication and authorization right. PostgREST does: it validates JWTs and exposes the claims to the SQL application via set_config()s, just like every detail of every request, and it does a `SET` to set the role to whatever the authenticated user is, though this could be done by a SECURITY DEFINER function instead that looks at the claims.

1 comments

Real talk.

https://www.postgresql.org/message-id/flat/894C0144-5BCC-41C...

set_user extension is AFAICT essential for scaling user-per-role.
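
The request flow described in the top comment (verified claims exposed through set_config(), then a role switch), sketched as an added example that is not from the thread or from PostgREST's own code. The role, table and function names are constructed, and the `request.jwt.claims` setting name is an assumption.

```sql
-- Constructed schema; all names here are assumptions for illustration.
CREATE ROLE authenticator LOGIN NOINHERIT;  -- role the API server connects as
CREATE ROLE alice NOLOGIN;                  -- one database role per end user
GRANT alice TO authenticator;               -- allows authenticator to SET ROLE alice

CREATE TABLE notes (
    id    bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    owner text NOT NULL DEFAULT current_user,
    body  text NOT NULL
);
GRANT SELECT, INSERT ON notes TO alice;
ALTER TABLE notes ENABLE ROW LEVEL SECURITY;

-- Authorization keys off the switched role, not off a client-supplied value.
CREATE POLICY notes_owner ON notes
    USING (owner = current_user)
    WITH CHECK (owner = current_user);

-- Reads one claim from the per-request setting; NULL when no claims are set.
CREATE FUNCTION jwt_claim(claim text) RETURNS text
LANGUAGE sql STABLE AS $$
    SELECT NULLIF(current_setting('request.jwt.claims', true), '')::jsonb ->> claim
$$;

-- Per request, after the API server has verified the JWT signature itself:
BEGIN;
-- Third argument true = transaction-local, so nothing leaks to the next
-- request that reuses this pooled connection.
SELECT set_config('request.jwt.claims', '{"role":"alice","sub":"42"}', true);
SET LOCAL ROLE alice;

SELECT jwt_claim('sub');   -- application SQL can read the verified claims
SELECT * FROM notes;       -- row-level security returns only alice's rows
COMMIT;                    -- role and settings revert at transaction end
```

Any SQL running as alice can still call set_config() on the claims setting or issue RESET ROLE, so the pattern assumes clients cannot submit arbitrary SQL; the policy above relies on current_user rather than on the claims for that reason.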