Hello! On the topic of external databases, this might sound like a dumb question but can we use Anvil’s built in user authentication and put the user and password credentials on a our own database?Appreciate your help.
Welcome to Anvil!
(I’ve split your question into its own thread)
You can’t use the built in users service with external databases but you could modify the custom login flow to do so :
1 Like
Hi David,
Thanks for getting back to me.
I am still a little confused as to the best practice to connect to our external DB as opening the the 3306 port for Postgres is not ideal, I am kind of thinking the Anvil link service or API connect directly to the other server.
What do you guys normally recommend?
From the link you sent me I can still see that the user service is still suggesting we use the Anvil server for all the user authentication parameters, this would make things rather messy if we are needing to copy them between 2 points ie. Anvil and our own DB.
Thanks.
Generally, I use several Galera (MariaDB) clusters, hosted on linode.com, and accessed through load balancers (they call them node balancers) on a different public port. The balancers then talk to the nodes via private IPs. This keeps most script kiddies out, and the probes against my unusual port are minimal.
Then on the Anvil side I use PyMySQL or mysql-connector (depending on needs). You could hide even further behind uplink scripts. Wouldn’t hurt, but it’s not something I do.
The custom login flow is more a starting off point. You would need to replace the Users API calls with your own routines.
Bit of work to do, but it’s really not that hard. I never seem to find the time, but I’ve been wanting to write a tutorial on replacing the Users service with an external DB for a while. I wouldn’t hold your breath, though, as I’m unbelievably busy.
1 Like
Hi David,
Thanks for getting back to me.
I have decided to take the server connector path and write some scripts on my DB server side. I think it might be the safer path? You are 100% right just change the ports was my first thought.
I am trying to just create a script using psycogp that will essentially read the user column and password row to that column and return the values or return a NULL if the user or password are not found. Again not sure if I am barking up the wrong tree might be easier to go down the direct server connect path?
Now an even more elusive question, I know again this might sound really dumb but for example if I store passwords from your user login process as password_hash (Text column) can this just get read back from my DB to Anvil and will it work or is there some vodoo I need to perform here? Just about to test it but I thought I would write this post in case someone else had the same questions as I did?