cryptonector 6 hours ago
Sounds really good. Your vision is excellent, and I admire it and your work. BTW, it's very important to get the details of authentication and authorization right. PostgREST does: it validates JWTs and exposes the claims to the SQL application via set_config()s, just like every detail of every request, and it does a `SET` to set the role to whatever the authenticated user is, though this could be done by a SECURITY DEFINER function instead that looks at the claims.
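An added example (not from the thread or from PostgREST's own code) of the per-request pattern the comment above describes: claims placed in a transaction-local setting, a role switch, and a row-level security policy that reads the claim. The setting name `request.jwt.claims` is assumed from recent PostgREST versions; the role, table and function names are hypothetical, and the script assumes a session allowed to `SET ROLE app_user`.

```sql
-- Constructed demo schema: app_user, notes, owner_sub, current_sub are hypothetical names.
CREATE ROLE app_user NOLOGIN;

CREATE TABLE notes (
    id        serial PRIMARY KEY,
    owner_sub text NOT NULL,   -- the JWT "sub" claim of the row's owner
    body      text NOT NULL
);
GRANT SELECT ON notes TO app_user;
ALTER TABLE notes ENABLE ROW LEVEL SECURITY;

-- Read the claim from the request setting.
-- missing_ok = true returns NULL when the setting was never defined; a custom
-- setting that was set locally in an earlier transaction reads back as '',
-- so NULLIF keeps the jsonb cast from failing on an empty string.
CREATE FUNCTION current_sub() RETURNS text
LANGUAGE sql STABLE AS $$
    SELECT NULLIF(current_setting('request.jwt.claims', true), '')::jsonb ->> 'sub'
$$;

-- Authorization lives in the database: a row is visible only to its owner.
-- With no claim present current_sub() is NULL and the policy matches nothing.
CREATE POLICY notes_owner ON notes
    FOR SELECT TO app_user
    USING (owner_sub = current_sub());

-- Constructed sample rows.
INSERT INTO notes (owner_sub, body) VALUES
    ('alice', 'alice note'),
    ('bob',   'bob note');

-- What the API layer does for one request, after it has validated the JWT.
BEGIN;
-- Third argument true = local to this transaction, so claims never leak
-- into the next request served on the same pooled connection.
SELECT set_config('request.jwt.claims',
                  '{"sub": "alice", "role": "app_user"}', true);
SET LOCAL ROLE app_user;
SELECT id, body FROM notes;   -- filtered by the notes_owner policy
COMMIT;

-- Custom settings can be changed by any role, so the claims are trustworthy
-- only when the API layer is the sole writer and clients cannot submit
-- arbitrary SQL on that connection.
```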
erichanson 2 hours ago
Real talk. https://www.postgresql.org/message-id/flat/894C0144-5BCC-41C... set_user extension is AFAICT essential for scaling user-per-role.