Customer migration from mobile db
Context
It is needed to migrate customer data from mobile app database to Auth0, define which data is needed to be migrated and how to call mobile app backend from Auth0 action to retrieve the data.
The mobile app database stores the following data for the customer:
| Field | Type | Description |
|---|---|---|
| allNotificationsDisabled | bool | Used for users who don’t want any notifications in the app, used by the mobile backend |
| createdAt | timestamp | Creation date time |
| text | Customer email | |
| eventInvitationNotificationsEnabled | bool | User turns off notifications just for event invites in the app |
| hybrisCustomerUID | text | Hybris customer id |
| id | text | Unique ID that the app has for each user, used for user identity. Different from Hybris ID |
| newFollowerNotificationsEnabled | bool | User turns off notifications just for new follower invites in the app |
| primaryRCCChapterId | text | Id of the primary official RCC Chapter the user is a part of, can only be an official RCC chapter |
| primaryUserGroupId | text | Id of the primary group the user is a part of, can be unofficial group created by any member |
| privateChatEnabled | bool | Some users don’t want others to be able to send them direct(private) messages in the app. If they request, we turn this field to false and no one can message that user any more. They will only be in group chats or ride specific chats in the app. |
| profileImageFileKey | text | This is null for every user, seems like a legacy field, still in graphql.schema though |
| pushToken | text | ID used to send members push messages |
| updatedAt | timestamp | Update date time |
| userType | UserType | User types supported by the RCC app, can be either 'Member', 'Coordinator', 'RideLeader', 'Admin' |
| zwiftUserId | text | Zwift number for a user, we can open the right profile page in the Zwift Companion app if we know this number |
| cachedName | text | Full name of a user(from Hybris) |
| roles | List<UserRole> | Used to assign custom roles for certain users. Currently only supports the role 'ContentEditor'. This is used to enable additional functionality for our Rapha Staff members who put up content in the app using Contentful and want to preview it before putting it live. If you are a ContentEditor in the app you can see contentful drafts. |
| hasExpired | bool | RCC membership expired |
| twilioSid | text | Legacy field, last used during a prisma migration in 2022, not used any more by the backend as far as I can see |
Decision
⚠️ Modified on 27 Jun 2023
As part of Discussion: Mobile DB we have decided to migrate the following fields:
| Field | Type | Need to be saved in Auth0? |
|---|---|---|
| id | text | To be saved to Auth0 |
| roles* | List<UserRole> | To be saved in Auth0 Just the one role supported |
*Roles won't be migrated on first phase, it will be done further.
The approach to migrate the mobile data into Auth0 has been changed due to several issues faced when trying to do the first approach.
Old Approach
Mobile Backend should set the needed user Mobile Backend data into Auth0 metadata when Create or Update mutation is called.
Proposal: Mobile database data migration from backend
Proposal: New Mobile Backend authentication
Consequences and limitations
- Mobile Backend user data won't be migrated until each customer logs in the Mobile App.
Blocking issues
- As Auth0 access_token is generated before createOrUpdateUser mutation, and mobile_id is set up by createOrUpdateUser. mobile_id is not available in the issued access_token or IdToken.
- Auth0 Authentication API has a low rate limit for the required calls from mobile app.
New Approach
RCC App data migration is performed from Auth0 Post Login Actions when a user logs into the app.
New rccAppUserMigration action will call createOrUpdateUser mutation to create or update the user in the mobile backend if not exist, retreive his mobile_id and save it in user's metadata.
setCustomClaims action will set mobile_id in access token custom claims, so it will be available for future calls to the mobile backend.
rccAppUserMigration action requires to get an application client access token in order to get access to createOrUpdateUser mutation. createOrUpdateUser mutation will allow only calls from that application client.
Consequences and limitations
- Mobile Backend user data won't be migrated until each customer logs in the Mobile App.
- Makes more complex and adds more HTTP requests to Auth0 Post Login flow.