Parent | Child | Previous | Next
 

Storing Additional User Information

Description

When you use the Security Framework in an Alpha Anywhere application, the table that contains the list of user names and passwords is a system table which cannot be modified to add fields to store additional information about each user. Instead, an Extended User Information Table must be used. This is especially important for applications published to Alpha Cloud or the Application Server for IIS.

Discussion

In order to store additional information about each user in your system it is necessary to create another table in a SQL database. This table is called the Extended User Information Table. It can have any structure that you like, but it must have a primary key field that contains the id of the user. The user id field should be indexed.

To create an Extended User Information Table, open the Web Security dialog by clicking the Web Security button on the Web Projects Control Panel. Then, launch the Security Settings dialog and click the Extended user-info table hyperlink at the bottom of the dialog.

images/securitysettings_extendedinfo.jpg

This will bring up a dialog that will allow you to specify an existing table, or create a new table in the target SQL database.

images/extendeduserinfolinking.jpg
images/extendeduserinfocreate.jpg

When a user logs into an application, you can add Xbasic to populate and store the extended user information in a session variable. For example:

dim userId as c = context.session.getCurrentUser()
            dim userInfo as p
userInfo = a5w_getExtendedUserInfo(userId)

if (userInfo.error == .f.) then
    session.extendedUserInformationJSON = userInfo.json
else
    session.extendedUserInformationJSON = ""
end if

The value in the session variable is a JSON representation of the value in each field in the Extended User Information Table.

For example, assume the following:

  • The Id of the currently logged in user is [email protected].
  • An Extended User Information Table has been defined for the project.
  • The Extended User Information Table contains these fields: USERID, FIRSTNAME, LASTNAME, AVATARURL, COMPANY, DEPARTMENT
  • the record in the Extended User Information Table for this user contains these value:

When the user "[email protected]" logs in, the Xbasic script creates the session.extendedUserInformationJSON variable sets it to the following value:

{ 
    "USERID" : "[email protected]",
    "FIRSTNAME" :"John",
    "LASTNAME" : "Smith",
    "AVATARURL" : "http://images.example.com/smith_john.png",
    "COMPANY" : "Examples Inc",
    "DEPARTMENT" : "Sales"
}

Your server-side code can get the individual values in the string by first using the json_parse() function.

For example:

dim p as p
dim json as c
json = session.extendedUserInformationJSON
if json <> "" then
    p = json_parse(session.extendedUserInformationJSON)
    dim lastname as c
    lastname = p.lastname
end if

In addition, if the user logs in from a UX or Tabbed UI (i.e. not the Login component), a client-side Javascript object will be created with values for each of the fields in the Extended User Information Table.

This object is called A5.extendedUserInformation

If your Extended User Information Table has a specially named field called ActiveLanguage then the value in this field can be used to set the active language for the app. Normally the active language is set by specifying the language in the session.__protected__activeLanguage variable.

Templates

A sample template component is available to edit data in the Extended User Information Table for the currently logged in user.

When you create a new UX component, select the SecurityFramework-Edit_ExtendedUserInformation template.

The template automatically generates a form based on the fields you have defined in the Extended User Information table for your web project.

Functions

The following functions can be used to interact with the Extended User Information Table for a user.