1

I'm looking for the right strategy for my api server written in NestJs. I'd like my users to be linked to organizations and I manage to include in my token an organization ID, which I find when I make requests, so far so good. The goal would be, for example, that each organization queries entities belonging to it. For example: "John Doe" connects he belongs to the organization "OrgA" when he makes a get on the catalog, I can read in my token that it's John Doe and that he belongs to OrgA but I would like him to see the OrgA catalog not the catalog of all the organizations... Do I have to make a middleware that connects me to a DB whose name would be "OrgA" or do I have to make a filter on my default DB? Or should I make a Tree in my default DB ? I don't find any examples on this subject. Thank you in advance

// In my catalog.controller.ts

@UseGuards(JwtAuthGuard) // user guard
@Get()
getAll(@Request() req){
    const user = req.user; // info user in my Token
    console.log('user Token',user);
    return this._catalogService.findAll(user.organization);
}

// In my catalog.services.ts

  findAll(organization: string): Promise<Zones[]> {

  console.log('findAll service org', organization)

    return this.catalogRepository.find();
  }

If find this post: NestJS : database connection (TypeORM) by request (subdomain) I try it but in the middleware I doesn't have my org in the header just the token, and if I try manually to connect a database the catalog service connection.name is the default database...

Or maybe the solution would be an Api/Redis server for the login with in the return something to access the API of the linked organization. And that each organization have their own dedicated API server in a container? No one knows which good practice I should go for?

0 Answers0