User
User is a built-in object used for authentication and authorization-related logic.
All user data is stored in the relational database, just like Records. However, it has its own set of GraphQL queries, GraphQL mutations, and Liquid tags and objects specific to authentication and authorization.
Note
To learn about the basic usage of implementing authentication, please refer to the Getting Started with User Authentication article.
There is also the pos-module-user, which allows you to easily add authentication and authorization to your application.
Built-in User fields
There are three main fields you will find useful when working with user authentication:
- email: A case-insensitive, unique field used as the main user identifier.
- password: A virtual field (its value is never stored in the database) that allows you to set the user's password. Behind the scenes, it is hashed using the bcrypt2 password hashing function.
- encrypted_password: The result of the bcrypt2 password hashing function.
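The semantics of these three fields can be modeled in a few lines of Python. This is an added example, not platformOS code: UserStore, create and authenticate are hypothetical names, and the standard library's PBKDF2 stands in for the bcrypt hashing the platform performs.

```python
import hashlib
import hmac
import os


class UserStore:
    """Toy in-memory model of email, password (virtual) and encrypted_password."""

    ITERATIONS = 100_000  # constructed work factor for the PBKDF2 stand-in

    def __init__(self):
        self._rows = {}  # case-folded email -> stored row
        # Hash checked for unknown emails so both failure paths do the same work.
        self._dummy = self._encode(os.urandom(16).hex())

    def _encode(self, password):
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.ITERATIONS)
        return f"{self.ITERATIONS}${salt.hex()}${digest.hex()}"

    @staticmethod
    def _check(password, stored):
        iterations, salt_hex, digest_hex = stored.split("$")
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
        )
        # Constant-time comparison of the derived values.
        return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))

    def create(self, email, password):
        key = email.casefold()  # email is a case-insensitive, unique identifier
        if key in self._rows:
            raise ValueError("email already taken")
        # password is virtual: only the derived value is persisted.
        self._rows[key] = {"email": key, "encrypted_password": self._encode(password)}
        return dict(self._rows[key])

    def authenticate(self, email, password):
        row = self._rows.get(email.casefold())
        stored = row["encrypted_password"] if row else self._dummy
        ok = self._check(password, stored)
        return ok and row is not None
```

The stored row has no password key at all, which is what "virtual field" means in practice: the plaintext exists only for the duration of the create call.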
Adding Properties to the User
You can add Properties to the User table by specifying them in app/user.yml, just as you would configure properties in your tables. Here's an example of an app/user.yml file that adds two properties to the User: role and last_sign_in_at:
properties:
  - name: role
    type: string
  - name: last_sign_in_at
    type: datetime