Re: Airtable Login System using API

rebal15 · ‎Apr 18, 2020

Ok so I know that this would be fairly complex, and may not be possible, but if it is, how would I go about making a login system using Airtable. I am trying to see if I can use Airtable as the backend database to something, and I’d like to try and refrain from using an SQL database, if possible. Of course, if completely necessary, I am completely comfortable doing so.

Any help is appreciated.

Bill_French · ‎Apr 18, 2020

Two things come to mind with this statement - please tell me which you are inferring:

A security login framework where Airtable is the datastore for the user credentials.
A security login framework to access Airtable data.

If it’s #1, I don’t recommend it, but I also don’t know anything about your grander objectives. If it’s #2, there are many examples where developers have abstracted Airtable data away from the Airtable app and provided fairly good security features. Stacker.app comes to mind as one to look at.

rebal15 · ‎Apr 18, 2020

It is option 1. I’d like to just attempt to do this.

kuovonne · ‎Apr 18, 2020

Are you looking for something like this article about creating a user database?

Keep in mind, that in addition to the security issues for storing user credentials in Airtable, you also have to figure out how to send those credentials back and forth securely, and how to use those credentials securely in the rest of your website.

One of my first projects when I was learning how to code was creating a user portal website with an Airtable backend. In that version, I stored user credentials in Airtable. So, yes, it is possible, even for someone new to coding, but it is also a lot of work.

rebal15 · ‎Apr 18, 2020

Your user portal project seems like exactly the sort of thing I’d like to do.

Bill_French · ‎Apr 18, 2020

Okay, #1 it is. This is possible, but it might not be ideal from a security perspective (and I’m no security expert either). In any case -

Create a web app; ideally using a server environment where you can protect the Airtable API key from prying eyes.
Create a login page that compares the user/pw to match up with valid credentials in the Airtable table.
If a match, allow the user to move past the login page, otherwise, block them.

rebal15 · ‎Apr 18, 2020

I’m a little confused as to how I can search through an Airtable database to find a username.

Bill_French · ‎Apr 18, 2020

Your web app could do this in a number of ways; here’s one…

Read all users/credentials into an array in your login page (assuming there are fewer than about 5,000 users for zippy performance).
You would then scan that array for a match.

You could also perform a direct queryFilter on the table via the API requesting only user/pw that matches.

rebal15 · ‎Apr 18, 2020

I think what I’ll do is use the queryFilter to find a username, get the hashed password associated with that username, and compare it to the password inputted.

kuovonne · ‎Apr 18, 2020

In my personal experience, building a user portal was considerably more difficult than Bill’s three steps imply. Probably by several orders of magnitude.

Plus, there’s everything you have to do once you move past the login page …

However, you are probably starting with more coding knowledge than I had, so it may be easier for you.