Storing Additional User Information

Description

When you use the Security Framework in an Alpha Anywhere application, the table that contains the list of user names and passwords is a system table which cannot be modified to add fields to store additional information about each user. Instead, an Extended User Information Table must be used.

Discussion

In order to store additional information about each user in your system it is necessary to create another table in a SQL database. This table is called the Extended User Information Table. It can have any structure that you like, but it must have a primary key field that contains the id of the user. The user id field should be indexed.

To create an Extended User Information Table, open the Web Security dialog by clicking the Web Security button on the Web Projects Control Panel. Then, launch the Security Settings dialog and click the Extended user-info table hyperlink at the bottom of the dialog.

This will bring up a dialog that will allow you to specify an existing table, or create a new table in the target SQL database.

When a user logs into an application, a session variable is automatically created to hold information from the matching record in the Extended User Information Table. The session variable is called:

session.extendedUserInformationJSON

The value in the session variable is a JSON representation of the value in each field in the Extended User Information Table.

For example, assume the following:

  • the Id of the currently logged in user is john.smith@acme.com.
  • an Extended User Information Table has been defined for the project.
  • the Extended User Information Table contains these fields: USERID, FIRSTNAME, LASTNAME, AVATARURL, COMPANY, DEPARTMENT
  • the record in the Extended User Information Table for this user contains these value:
    • john.smith@acme.com
    • John
    • Smith
    • http://images.acme.com/smith_john.png
    • Acme Corporation
    • Sales

When the user logs in the session.extendedUserInformationJSON variable will be set to the following string value:

{ 
    "USERID" : "john.smith@acme.com",
    "FIRSTNAME" :"John",
    "LASTNAME" : "Smith",
    "AVATARURL" : "http://images.acme.com/smith_john.png",
    "COMPANY" : "Acme Corporation",
    "DEPARTMENT" : "Sales"
}

Your server-side code can get the individual values in the string by first using the json_parse() function.

For example:

dim p as p
dim json as c
json = session.extendedUserInformationJSON
if json <> "" then
    p = json_parse(session.extendedUserInformationJSON)
    dim lastname as c
    lastname = p.lastname
end if

In addition, if the user logs in from a UX or Tabbed UI (i.e. not the Login component), a client-side Javascript object will be created with values for each of the fields in the Extended User Information Table.

This object is called A5.extendedUserInformation

If your Extended User Information Table has a specially named field called ActiveLanguage then the value in this field can be used to set the active language for the app. Normally the active language is set by specifying the language in the session.__protected__activeLanguage variable.

Templates 

A sample template component is available to edit data in the Extended User Information Table for the currently logged in user.

When you create a new UX component, select the SecurityFramework-Edit_ExtendedUserInformation template.

The template automatically generates a form based on the fields you have defined in the Extended User Information table for your web project.

Functions 

The following functions can be used to interact with the Extended User Information Table for a user.