https://www.ory.sh/ logo
#general
Title
# general
r

rhythmic-toddler-31735

05/02/2022, 6:33 PM
Hello everyone, I've few questions regarding ory ecosystem, so I can decide if it's the right tool for my project. So first, I'd like to use ory kratos for auth, as far as i understand kratos uses separate database, so if f.e. i use postgres in my main app and i'd want to let people add comments (something simple like userId + text) the correct way to do this is create user in user table in kratos hook? My second question refers to ory keto. As far as I understand ory keto is simmilar to kratos in the way it is decoupled from my main app database. So let's say i want to limit users so they can only see their own comments i should add relation in keto after adding comment to my app database, is that correct?
d

damp-sunset-69236

05/03/2022, 7:52 AM
Hello, @rhythmic-toddler-31735. Kratos has hooks to provide integrations during the authentication flows (e.g. registration, login, verification). Small real-life example. For instance, you have an ecommerce service and you want to send an additional email once email was confirmed by the user. In that case, you can use verification.after hook to make a request to mailgun/mailchimp or any other smtp provider I think that calling
/sessions/whoami
endpoint would be enough to solve your issue and it looks like 1. Get session by calling
/sessions/whoami
2. Ensure we have valid session 3. Get
session.identity.id
and use it as identifier of the user 4. Store it in the database Let’s talk about Keto. Keto is access control engine and you need to keep in mind that requests to keto should be authenticated and authorized because it doesn’t have any mechanisms to check that. Honestly, for your case, using keto looks like a little bit of overcomplicating things, because you can get comments by running query with user_id, like
Copy code
select * from comments where author_id=$identity_id_from_kratos
On the other hand, Keto is useful to provide access control features. Let’s say that you have
moderators
group and they can edit/approve comments. It means that you need to implement access control features and it sounds like a job for Keto. You can add
edit
permissions to some users.
🙌 1
s

steep-lamp-91158

05/03/2022, 8:08 AM
tl;dr Keto: yes, to use Keto you would add the relation tuples as a side-effect during comment creation
r

rhythmic-toddler-31735

05/03/2022, 8:42 AM
Thanks for answers, i was looking around docs and imao it could be outlined more, so you don't have to reply to such basic questions. @damp-sunset-69236 answer could literally be copy pasted as example workflow with ory ecosystem. Again, thank you guys 🙂 PS. I asked about keto just to understand it, cause that totally is overkill for my app, but it seems like it could be useful in the future :-)
s

steep-lamp-91158

05/03/2022, 8:53 AM
nice, good idea maybe @damp-sunset-69236 can find a place to add it in the docs?
or do you know any place?
r

rhythmic-toddler-31735

05/03/2022, 9:41 AM
I think main 'guides' section could be good place. Something like 'ory ecosystem workflow' with short explanation how you'd integrate each tool into app.
👍 1
m

magnificent-actor-67130

05/07/2022, 3:15 AM
I found this to be useful - https://www.ory.sh/docs/ecosystem/projects
f

fast-guitar-70261

05/17/2022, 7:08 PM
Thanks! I was looking for this as well. It would be helpful to have these kind of real-world implementation examples.
2 Views