Auth schema

Email verification flow

Problem

Setting up auth can be annoying

Auth is one of our flagship features: it’s simple to get started with and it’s free. But sometimes setting it up can be annoying, because developers have to copy-paste the User and SocialLogin entities every time. Currently, developers are mixing their business logic fields (e.g. tasks) with Wasp’s auth fields (e.g. password).

We don’t want the user to have to know auth implementation details. One of the most annoying of these is having to care about the Prisma models that are related to auth.

Developers have to define the User and SocialLogin with all of the fields

It would be cool if developers could only define their fields

Some problems we hope to solve

We want to avoid

Implementation

Auth entities

We want to keep all of the auth-related data in separate entities, which we’ll name Auth and SocialAuthProvider (

model Auth {
  id                      String               @id @default(uuid())

  // Both email and username are here and both are optional (read more below)
  email                   String?              @unique
  username                String?              @unique
  password                String?
  isEmailVerified         Boolean              @default(false)
  emailVerificationSentAt DateTime?
  passwordResetSentAt     DateTime?
  userId                  String?              @unique

  // Connection to possible social auth providers
  providers               SocialAuthProvider[]

  // Connection to the business logic user
  user                    User?                @relation(fields: [userId], references: [id], onDelete: Cascade)
}

model SocialAuthProvider {
  id         String @id @default(uuid())
  provider   String
  providerId String
  authId     String
  auth       Auth   @relation(fields: [authId], references: [id], onDelete: Cascade)
}
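
Because email, username and password are all nullable in the Auth model above, the database alone does not guarantee that a row is usable for login. The JavaScript below is an added example, not code from this document or from Wasp: it checks rows of this shape against a few invariants. The rules, the function names checkAuthRow and findSharedProviderIdentities, and the sample rows are assumptions made for illustration.

```javascript
// Invariant checks for rows shaped like the Auth / SocialAuthProvider models.
// The rules below are assumptions for illustration, not Wasp's own logic.

// Returns a list of problems found in one Auth row (empty list = consistent).
function checkAuthRow(auth) {
  const problems = [];
  const hasLocalId = auth.email != null || auth.username != null;
  const hasPassword = typeof auth.password === 'string' && auth.password.length > 0;
  const hasProvider = (auth.providers ?? []).length > 0;

  // email, username and password are all nullable, so the database accepts
  // rows that nobody can log in with, or that have a password but no identifier.
  if (!hasLocalId && !hasProvider) problems.push('no login method');
  if (hasLocalId && !hasPassword && !hasProvider) problems.push('identifier without password');
  if (hasPassword && !hasLocalId) problems.push('password without identifier');
  // A verified flag only makes sense when there is an email to verify.
  if (auth.isEmailVerified && auth.email == null) problems.push('verified flag without email');
  return problems;
}

// The SocialAuthProvider model has no unique constraint on (provider, providerId),
// so one external identity could be linked to two Auth rows. Report such keys.
function findSharedProviderIdentities(auths) {
  const owners = new Map(); // JSON [provider, providerId] -> Set of Auth ids
  for (const auth of auths) {
    for (const p of auth.providers ?? []) {
      const key = JSON.stringify([p.provider, p.providerId]);
      if (!owners.has(key)) owners.set(key, new Set());
      owners.get(key).add(auth.id);
    }
  }
  return [...owners].filter(([, ids]) => ids.size > 1).map(([key]) => key);
}

// Constructed sample rows (not real data); '<hash>' stands in for a password hash.
const sampleAuths = [
  { id: 'a1', email: 'dev@example.com', username: null, password: '<hash>',
    isEmailVerified: true, providers: [] },
  { id: 'a2', email: null, username: null, password: null, isEmailVerified: false,
    providers: [{ provider: 'google', providerId: '1001' }] },
  { id: 'a3', email: null, username: 'bob', password: null, isEmailVerified: true,
    providers: [] },
  { id: 'a4', email: null, username: null, password: null, isEmailVerified: false,
    providers: [{ provider: 'google', providerId: '1001' }] },
];
```

Running checkAuthRow over every row and findSharedProviderIdentities over the whole set is the kind of check that fits a migration script or a periodic consistency job.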