zhaoyongjie commented on PR #27631: URL: https://github.com/apache/superset/pull/27631#issuecomment-2025838036
> We can't store the tokens in the user table because it's a 1:n relationship. Storing in a table has the benefit that it's easy to make sure it's always encrypted, which is important since these are credentials, and we don't have to worry about session hijacking. The `1:n relationship` can be maintained in the business codes and stories as JSON or any other preferred data structure. Credentials can also be managed within the business codes. The same data structure is used in dashboards.json_metadata and elsewhere. > I wouldn't call it a super complex key topology, it's two foreign keys to the user and the database tables, with cascade deletes to clean them up. If you have experienced the Sueprset migration process, you can experience how "poorly" designed foreign keys and cascade deletes are. :) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For additional commands, e-mail: notifications-h...@superset.apache.org
