Build a Multi-Tenanted, Role-Based Access Control System

You've probably got one of the first YT tutorials with Drizzle.
Recently implemented multi-tenant auth in a Next app with tRPC recently using lucia-auth and some custom data flows for the tenants.
This video would have certainly helped then to get an idea of how everything flowed into one another.
Kudos and thanks for the video Tom.

The drizzle bit was as if you read my mind on what I need to read up on next. Many thanks, top quality as always!

Excellent video. Your videos are very well structured and codebase is nicely organized.

both drizzle and fastify are libraries I wish to use more and you're helping me a ton with these videos!

You're the best thing to ever happen to my career. I have learned so much from your videos. Thank you for making these tutorials free for all. Love from 🇳🇬

Thanks for the video. I'm currently on SaaS MT side-project with a different stack but the content brought me light on some principles I have struggled to understand.

Thanks for this. Practical examples of Drizzle are scant at the moment. Would love to see more on that.

Thanks for the video Tom. I have started this video and I am 100% sure this going to very informative. You are just awesome

this tutorial is really amazing. considers all best practices and modern approaches. i am actually going to migrate from nestjs to this.

thank you for your great content 💖
very helpful video

Great content!

Happy Birthday to you, Sir. Thanks for your amazing content

I have been refreshing the channel for 4 days waiting on this one!
Gotta tell the mrs to go out tonight, it's just me and a multi-tenanted, role-based access control system

Finally! A video

i was tryhard implement this using mysql, lol. thanks i learn something with this tutorial

Thanks Sensei :)

Learned alot today thanks Tom. I am thinking how it would look like with nextjs

Next up: Authorization using Access Control Lists. Didn't see an implementation of this yet anywhere on YT.

Amazing

Thanks you for this amazing video. I got tons of knowledge. Btw, can you make a video that dive deeper into the role based access control system?

I think more drizzle tutorial would be nice

Thank you Tom 🖤
You are the Best
Can you do TypeScript video?

Wow 💖

Awesome video +++++++++ 🙂

Really great explanation here, thank you so much. I’d love to hear your thoughts on a issue I’m having. I’ve never understood the reason to store permissions in the signed JWT. I understand you can pull the permissions from the token on every request and perform logic based on those permissions, but what happens if your permissions/or role have changed by a third-party. The permissions would then be stale. I guess this opens the case for querying the database on every request in order to get the most up-to-date role and permissions for the requesting user but then there’s no reason to save the permissions in the JWT if you’re going to do that. Personally I just store a userId and query the database for each requests but maybe that’s a naive implementation. Id love to hear your thoughts! Cheers 😅

Tom - You legend! I've been looking for a tutorial like this for ages. And you used Drizzle ORM which I believe is going to be huge.
Question: You've created the permission as strings. Is this convention or is a separate table for permissions the convention. What's your personal preference?

Hey Tom,
Sending you lots of love ❤❤❤❤. As always, I've been watching numerous videos to support you, even during my break time. I just let the video keep playing 😁
What is the best way to conduct testing for this API project? Should I use Open API v3 in my project or opt for Postman or Thunder Client? Additionally, What is the recommended approach for database schema: Drizzle schema or Zod?

how can we create the migrations file naming as our preference?

Thanjs for this tutorial, this made me realize I was designing authentication all wrong, just one question, is tgere a reason the permissions are stored on a separate table? It would make sense to just put it on the users object

How can I use Postgres based schema multi-tenancy?

Do you plan to cover video on payment gateway, how to setup for recurring and verify using webhook?

If you got multiple instances of your server, is it sensible to decouple migrations from application startup? As if multiple instances spin up with migrations coupled to migration startup, you are running the same migration when a new server spins up.

but how does the user login to the system in the frontend? do they have to type the application id as well each time they login? or can we hide it behind implementation like sub-domains?

How would you handle permissions for a specific entity? for example if a user can create posts for a specific project only. Where would the identifier of the entity live? would it be ok to insert it in the permission string? "project::post:write" or would it be better to live in the db and introduce a permissions table that holds this information? If in db, I'm thinking you would want to create generic fields to that you don't have to create a join table for each entity that requires specific permissions. Thanks for the video.

Can you please make a video using fastify with the ts-rest library and their fastify module? It's like trpc but for rest. It looks awesome but there is no content out on it :( Thanks!
A nextjs / fastify/ ts-rest stack

I have to add company before i start an application? So, there must be 2 steps on registration?

Hi tom, im building a hms and i need a solid structure for the multi-tenancy, i would love to pick your brain if possible

how to regenerate new jwt token? when some user permission update?

Do you recommend Drizzle over Prisma?

I am begiinner. But I stucks in the logic building help me.

Drizzle doesn't support transaction

it might be me but it looks like a lot of boilerplate