Sharing user model across Strapi, App, Blog, Forum etc

Jarson · November 7, 2020, 3:25pm

Hi! I have a question about app architecture.
I’m planning to use Strapi for a project that will include many elements: website, blog (with comments), forum, and the app (SaaS app, my main product). I can manage content in Strapi for website, blog and forum, but not for the app, which is not content based (it’s an IoT app). For best UX I want end users to login once and be able to comment in blogposts, post on forum and of course, access the app.

Do you have any suggestions / best practices on how to achieve that? There is user model both in Strapi and in my app, should I use Strapi’s model and add some fields I need in my app, or rather link these models by e.g. adding a reference from one to the other?

DMehaffy · November 9, 2020, 2:49pm

There would likely need to be some kind of sync yes, your IoT app, is there an authentication layer there and what type is it?

Jarson · November 9, 2020, 9:11pm

Thanks! Yes, there is a user auth layer in my app, it’s a simple approach based on JWT and refresh tokens, no OAuth or other third parties.

DMehaffy · November 9, 2020, 9:23pm

We do have a guide for customizing the JWT validation: JWT validation - Strapi Developer Documentation

But it may be easier to tweak the other app to validate Strapi JWTs instead (it’s just a matter of using the same secret and decrypting the token, or even better would be having the app accept a strapi token, and forwarding that over to /users/me to validate it and get the user data.)