Is it possible to send push notifications to External Users? I am using Xano as the external database.
Hi @hotdesk, My understanding is that, no, this is not possible they way you can for notifications with internal collections.
There are work arounds, I know that you could achieve this with using;
- Integromat with the Adalo notification API and the iterators and aggregators to send to groups/individuals. This will be very costly, as each notification is one credit. And on Zapier its one process per userā¦
- Creating a mirror database of your users but using the Adalo collections for notifications > groups/users. I.e the user exists in both Xano and Adalo internal collection.
@theadaloguy is developing an App also on Xano, therefore would be better placed to answer this, but, this is the general understanding that notifications to users do not work for external users the same as they do for internal users collection in Adalo.
Your best bet may be keep users on Adalo, but everything else on Xano.
Yeah Iām not sure number 1 works as it takes the email of Adalo user.
My solution was to have a normal app but use Adalo user as a bridge to the Xano user. So sign in with Adalo then use custom action logging into xano, returning user ID and auth token. At that point you can have user on xano and use the auth info stored on Adalo user.
Thanks for the reply!
So, if I store users in Adalo and everything else in Xano, how do I create relationships between them?
Thanks for replying!
So, your solution is to not use External Users, but sign up/login with user data stored in Adalo, and also add users stored in Xano to External Collections for use in the app, apart from the user data stored in Adalo?
Also, Iām really sorry for my poor Englishā¦
Yes exactly. I originally made with external users, but I had to copy across to a normal app so I can use normal Adalo login
OK. So, do I only need to store the email address and password required for signup/login as user data in Adaloās internal database? Or do I need to sync all user data with Xano?
You need the Xano user ID and auth token stored on Adalo. These are returned when you use a custom action to login to Xano. Youāll then use these to authenticate the request to the external collection (users)
Thanks! Let me ask the question again when Iāve learned a little more.
@theadaloguy I am planning on doing something similar. Question, I will only allow users to login on Adalo using Google or Apple. How do you authenticate them on Xano when you bridge them with the custom action? I guess I only have to pass the email since there is no password and it would be impossible to fake the login since there will be no manual email login option? Thanks.
Thatās a really good question and Iām not sure how youād do it. I think xano needs a password to authenticate as a normal xano user. Xano supports Google login but I assume you need the Google auth token, which Iām not sure Adalo gives back to you? If you can get the Google auth token, I think it can be done.
Perhaps if they use Google you can auto generate a password that is then saved for that user and used for Xano login.
Thanks @theadaloguy, yes thats probably the best way. Create a random Adalo password for them at login that they never actually see, and use it to authenticate with Xano.
As it is now, Adalo does not seem to support external Oauth2-requests, unfortunately, so we canāt use Xanoās login authentication.
Do any of you have suggestions on how to store the Xano auth token? My understanding is that the token will expire after a preset period of time (default = 86400).
Would storing it in the user collection be dangerous? Does Adalo allow you to log out the user after a period of time (say 1 day before the Xano auth token would expire)? Just thinking through unknown unknowns here.
Adalo doesnāt log out the user when the Xano token expires. One solution is just to make the auth token longer expiry (you can change this on the signup and login endpoints on Xano) and then have Adalo force the user to log out after that period of time. Have a redirect action which makes them log in again, then store the last login date on Adaloās database so you can use that to calculate when to log them out again.
In terms of security I think storing the auth token like this on Adalo User Collection isnāt ideal, itās a bit of a compromise. That said, I donāt think itās that bad, you need to balance that with the kind of data you are storing, and how sensitive it is.
This is exactly what I did. Set up a field in the user table āX days from nowā and have the āhomeā page for Adalo check if this field is greater than ānow.ā If it is, then it logs out the user. So iāve essentially jerry-rigged the authToken expiration to match Adaloās.
In terms of security I think storing the auth token like this on Adalo User Collection isnāt ideal, itās a bit of a compromise. That said, I donāt think itās that bad, you need to balance that with the kind of data you are storing, and how sensitive it is.
This is what I thought. Thank you so much for your thoughts @theadaloguy
Thanks for this explanation @theadaloguy. You wrote āhave Adalo force the user to log out after that period of time with a redirect actionā. Could you elaborate a bit more how to do I do this? So how do I trigger the redirect automatically? Would you put a countdown on every single screen in the application to check when the screen is loaded if the previously stored token expiration has been reached? Thanks so much for your thoughts on this!
I think as pablo said in the post above, just the home screen has the action would be enough.
Ok got it @theadaloguy . My issue was more that users have a screen open in their browser for 2 days and then they want to use the application again, e.g. filtering the list on the screen. In the meantime their xano token expired and then the application doesnt work anymore without showing them errors, the lists are just empty. In such a case, I thought about starting a countdown when they enter this screen to log them out after a day of inactivity. I am not sure though if the countdown on this screen would then stop counting when they navigate to a different screen.
You could just have screen action (no countdown). It would logout user and navigate to login page (conditional IF) user last login > 24h ago. So everytime they log in, have a property under user collection ālast loginā that updates.
You can also extend the expiry of the Xano auth token, as doing this every 24h is very tedious.