The e-commerce mini program mentioned in this paper is a B2B2C online cake DIY platform, which focuses on “online cake customization” and supports online sales of finished cakes. The project is hereinafter referred to as BC.
As a startup, the BC team needed to quickly prototype the product to validate the market. And any product, in order to track data, must have a user system, which includes the user login, registration, third-party login, forget the password and other trivial functions, but also includes the administrator of user information management and security authentication. If these peripheral businesses are completed first, the core business will be delayed. In order to speed up the development of the system and reduce some unnecessary development time, Steven, the founder of BC, chose Authing Cloud authentication (Authing.cn) to solve this part of the need.
Here’s what he shared:
A, choose
I discovered Authing on V2EX two months ago. At that time, I was conceiving BC project, which had two core businesses, one was an e-commerce platform of B2B2C and the other was an online DIY cake. In order to enable our developers to quickly move into core business development, we plan to use Authing for authentication.
After I decided to use it, I got in touch with the founder of Authing, who worked closely with us. For example, BC client was on the applet. At that time, Authing did not support applet. Therefore, we bypass applet and use the newly opened Web-view of applet to complete the access of Authing. In addition, Authing also helped us to complete the design of the database. Our local database only stored the user’s authingId and the user information passed by the small program.
Second, the challenge
What I want to do in this video is talk a little bit more about technical access, so if you don’t understand it, you can skip to the end.
Let’s start with business. BC is a B2B2C platform, which means we need at least three user identities:
1. Buyers (customize cakes, order cakes)
2. Sellers (manage commodity data, receive orders and deliver goods)
3. Administrator (Manage all data of the platform)
Authing can isolate user data by creating applications, so we created three applications on Authing platform, and realized privilege isolation in BC system by judging the application ID in the program (the ID of the application will be attached to the token after successful login, which can be read directly).
Since then we have solved the problem of user identity, but there is no immediate access to the business, and we need to design the database structure. With the assistance of Authing, we completed the database design of three user tables:
As you can see, our table structure is very simple. It only took 10 minutes to complete these three tables.
After our development team had written the additions and deletions of these three tables and configured CORS, we started to officially access Authing.
First plug in the applet.
The front-end uses the code in vue-demo provided by Authing to quickly complete a web-view based authentication web page. When a user accesses BC applet for the first time, he/she will jump to this webpage for authentication (the user’s wechat information will be sent to the authentication webpage through PostMessage), and then the authentication webpage will send the user’s information to Authing for authentication. After passing the authentication, he/she will jump back to the applet. Then the small program stores the Authing Token and other information to complete the authentication. (Each request in the future needs to send the Authing Token, and then the back end verifies whether the Token is valid).
The whole process took about 2 hours from the front end. When we logged in from the test applet, we were very happy to find that Authing had synchronized the increase of user data and could see the statistics.
Then access merchants and administrators, we require merchants to use only wechat scan code to log in.
Since the admin background is web-based, development was quickly completed using Authing’s JavaScript SDK directly. It is worth saying that, when doing wechat scan code login, we only wrote the client login storage code, the whole wechat OAuth development process is extremely simple.
We only configured wechat’s Client ID, Client Secrect and Redirect URL in the background of Authing, and then read the “enabled” OAuth service on the Client side. We don’t have to worry about any operation of users from code scanning to successful login!
Three, put into production environment
It’s hard to imagine that in one day we could get through the user flow and have a whole GUI for managing users. The next day, our team went to the core business and the process went smoothly. Two months later, we had all the features developed, tested, and operated, and put the product and Authing into production.
Although Authing helped us with a lot of work, Authing still had a lot of features to work on. For example, user management Hook should be added. If I delete a user in the background of Authing, then I can trigger a remote API that allows me to delete other associated information of that user in the local database. In the same way, you need to add and modify. But for a start-up product, Authing has really met our needs well.
I also like Authing, a cloud platform that builds on some basic functions. If you are looking for efficiency, going to the cloud is a good choice.
China did not experience the process of industrialization. From the Westernization Movement to the introduction of the Industrial system of the Soviet Union to the accession to the WTO, all these technological changes were driven by the introduction of the upper class, rather than the transformation of social production relations driven by capitalists and inventors as in the Western society. However, for the foreseeable future, as finance, healthcare and income improve, I am optimistic about the future efficiency of Chinese society.
Learn more:authing.cn
Github:github.com/authing