Implement minimal user management #7
Assignees
Comments
|
Maybe it's better to give the operator user/password as an env variable to the application. This allows to set everything during application deployment and doesn't require any setup code in the application. |
|
Since we are setting up the instances for the shops ourselves, this could make sense, yes. Registering a shop needs to send us an email though and updating it would need that user/password combination... |
|
We need a user flow to make this available. Where should a user / operator / admin login? Does it make sense to show the "Register new shop" at all? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A minimal user management should be implement to distinguish shop owners/employees and operators.
The following roles will be used and can be set with a flag in the user table:
operator: The operator/host of the instance.admin: Owners or employees of the shop.A token will be used for authentication. The token URL should be also available on the user page as a QR Code to transfer it to other people.
Only the operator can update tokens.
The text was updated successfully, but these errors were encountered: