Having a seperate user_id from auth.uid() better or worse?
So I am developing a web application where privacy and security takes the top priority.So sometimes we need to a userIdentifier to know who is who right? like say messaging we need to see who sent message to organise the UI properly So in my public.users table I have my own user_id (uuid created when i insert when a new user is created) .By this way even if a user_id (the one i created ) get exposed there wouldn't be a security issue.
Cons:
1) Overhead query ..need to get user_id from auth.uid() every time i need to do something
2)Complex RLS implementation
pros:
1)auth.uid() will not be exposed hence improved security (may be not sure)
2)No overhead query
Not sure if user_names are implemented the same way in other systems
Am I doing it wrong?
Cons:
1) Overhead query ..need to get user_id from auth.uid() every time i need to do something
2)Complex RLS implementation
pros:
1)auth.uid() will not be exposed hence improved security (may be not sure)
2)No overhead query
Not sure if user_names are implemented the same way in other systems
Am I doing it wrong?
