custom session fields
Is there a way to add custom fields to the user session? More specifically, I’m building a multitenant app and need to store the following fields:
roles: Array<Role>
orgId?: Organization["id"]
I’d also like to update these fields - for example, when the user switches organizations, both orgId and roles should be updated in the session.
4 Replies
Hi @|name|. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
----------------------
I'm sorry, but the knowledge sources do not contain information about adding custom fields to the user session in Wasp. The documentation explains that Wasp uses sessions to keep track of the logged-in user, and these sessions are managed using Lucia Auth v3, with session data stored in localStorage on the client and in the database on the server. However, there is no mention of a supported way to add or update custom fields (such as roles or orgId) directly in the session object.
The recommended approach for handling roles and organization membership in a multitenant app is to store these fields on the User entity or related entities in your database, and then query them as needed. For example, you can add a roles field or set up relations for organizations and roles, and check these values in your queries or actions to enforce authorization logic. Updating these fields when a user switches organizations would involve updating the relevant database records, not the session itself. This is confirmed by community discussions, which suggest handling roles and group membership at the database/entity level rather than in the session object itself Teams/Groups Discord thread.
If you need to access additional user-related data on the client, you may need to perform extra queries after authentication, as currently the user object passed to pages is fetched via a simple Prisma query and does not include custom session data Github Issue #1554.
In summary, Wasp does not currently support adding or updating custom fields in the session object, and the recommended approach is to manage such data in your database entities.
----------------------
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
----------------------
Sorry @|name|, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist:
Perhaps try again in 15mins?
You might like to check out this schema: https://discord.com/channels/686873244791210014/1215047437929160724/1215047437929160724
@|name| overall this functionality has to be implemented in your own code, wasp doesn't have native support for multi-tenancy (you can follow this issue for updates, but I don't think this will get done in the short-term future)
the schema shared here is a good example. is that useful for you?
It is somewhat, thank you. I was primarily trying to follow this design https://blitzjs.com/docs/multitenancy, which is explained in more detail in this blog https://www.flightcontrol.dev/blog/ultimate-guide-to-multi-tenant-saas-data-modeling, since I had that implementation before switching to wasp. Maybe somebody finds it useful as well. 🙂