Storing Additional User Information
Description
When you use the Security Framework in an Alpha Anywhere application, the table that contains the list of user names and passwords is a system table which cannot be modified to add fields to store additional information about each user. Instead, an Extended User Information Table must be used. This is especially important for applications published to Alpha Cloud or the Application Server for IIS.
Discussion
In order to store additional information about each user in your system it is necessary to create another table in a SQL database. This table is called the Extended User Information Table. It can have any structure that you like, but it must have a primary key field that contains the id of the user. The user id field should be indexed.
To create an Extended User Information Table, open the Web Security dialog by clicking the Web Security button on the Web Projects Control Panel. Then, launch the Security Settings dialog and click the Extended user-info table hyperlink at the bottom of the dialog.
This will bring up a dialog that will allow you to specify an existing table, or create a new table in the target SQL database.
When a user logs into an application, you can add Xbasic to populate and store the extended user information in a session variable. For example:
dim userId as c = context.session.getCurrentUser() dim userInfo as p userInfo = a5w_getExtendedUserInfo(userId) if (userInfo.error == .f.) then session.extendedUserInformationJSON = userInfo.json else session.extendedUserInformationJSON = "" end if
The value in the session variable is a JSON representation of the value in each field in the Extended User Information Table.
For example, assume the following:
- The Id of the currently logged in user is [email protected].
- An Extended User Information Table has been defined for the project.
- The Extended User Information Table contains these fields: USERID, FIRSTNAME, LASTNAME, AVATARURL, COMPANY, DEPARTMENT
- the record in the Extended User Information Table for this user contains these value:
- [email protected]
- John
- Smith
- http://images.example.com/smith_john.png
- Examples Inc
- Sales
When the user "[email protected]" logs in, the Xbasic script creates the session.extendedUserInformationJSON variable sets it to the following value:
{ "USERID" : "[email protected]", "FIRSTNAME" :"John", "LASTNAME" : "Smith", "AVATARURL" : "http://images.example.com/smith_john.png", "COMPANY" : "Examples Inc", "DEPARTMENT" : "Sales" }
Your server-side code can get the individual values in the string by first using the json_parse() function.
For example:
dim p as p dim json as c json = session.extendedUserInformationJSON if json <> "" then p = json_parse(session.extendedUserInformationJSON) dim lastname as c lastname = p.lastname end if
In addition, if the user logs in from a UX or Tabbed UI (i.e. not the Login component), a client-side Javascript object will be created with values for each of the fields in the Extended User Information Table.
This object is called A5.extendedUserInformation
If your Extended User Information Table has a specially named field called ActiveLanguage then the value in this field can be used to set the active language for the app. Normally the active language is set by specifying the language in the session.__protected__activeLanguage variable.
Templates
A sample template component is available to edit data in the Extended User Information Table for the currently logged in user.
When you create a new UX component, select the SecurityFramework-Edit_ExtendedUserInformation template.
The template automatically generates a form based on the fields you have defined in the Extended User Information table for your web project.
Functions
The following functions can be used to interact with the Extended User Information Table for a user.
a5w_getExtendedUserInfo()
The a5w_getExtendedUserInfo() function reads data from the Extended User Information table. It can be used to retrieve information for the specified user. For example:
dim p as p p = a5w_getExtendedUserInfo("[email protected]") ?p.error = .f. ?p.json = <<%txt% { "FIRSTNAME" : "John", "LASTNAME" : "Smith", "COMPANY" : "Examples Inc" }
See a5w_getExtendedUserInfo() Function for more information.
a5w_saveToExtendedUserInfo()
dim json as c json = <<%txt% { "FIRSTNAME" : "John", "LASTNAME" : "Smith", "COMPANY" : "Examples Inc" } %txt% dim p as p p = a5w_savetoExtendedUserInfo("[email protected]",json)
See a5w_saveToExtendedUserInfo() Function for more information.
a5wcb_extendedUserInfoTableFields()
The a5wcb_extendedUserInfoTableFields() function returns a list of fields in the Extended User Information Table.
See a5wcb_extendedUserInfoTableFields() Function for more information.