The way I understand multi-tenancy is that it allows multiple apps to use the same database.
If the authentication system is running inside the database, then you can write a half-dozen different front ends and you won’t have to worry about implementing an auth system each time you do that.
Without a database layer auth system, you can’t have a half-dozen different apps all providing different views and functionality over the same database layer without either:
- giving each app the database credentials and hoping they don’t mess up the data and carefully coordinating between them all
or
- bundling the half-dozen apps all within a monolith Phoenix app
It seems to me that both of these approaches have a clear downside.
In the first case, passing out your database credentials to various short-term contractors you’ve hired and then making sure each of the half-dozen apps is careful about data and has solid auth logic is just dangerous and requires too much coordination.
In the second case you’re bundling code together that doesn’t really belong together, making a much more complex app, and you also cripple the ability to just use a different tech stack altogether where it may make sense for some oddball niche use-case.
In addition, an auth system that runs within Postgres is more secure because it is more difficult to get around (by virtue of being closer to the metal) and is also more powerful because it allows for row-level security, which allows for much more granulated control.
In short: using a Postgres-layer auth system is more powerful and more secure, but is also more flexible.
The final thing I’ll say is that the BEAM ecosystem really shines at solving a particular kind of problem – it is good for systems that need easy and scalable multi-threading along with a supervision system to make it highly reliable.
The BEAM was not built for writing front ends, and nor was it built to be a way to talk to a database. It was built to reliably keep a million processes running through thick and thin. By using a Postgres-level auth system, you can keep your BEAM code focused on what it does best while also adding flexibility, and leave the stuff it was not meant for to be done by other technologies that were in fact meant for them.
I’m actually curious about what I’m not understanding here – I would love to hear someone make a counter-argument to my perspective.