0

I'm trying to design a database for supporting a multi-step registration flow. The registration flow goes like this: the user logs in via OAuth (which creates a session and user), then they're asked to complete the registration by providing a name and username. What is the best way to capture this in the database?

Should I just make a single user table with nullable name and username columns?:

CREATE TABLE users (
    id UUID PRIMARY KEY,
    name TEXT,
    username TEXT
);

CREATE TABLE sessions (
    id TEXT PRIMARY KEY,
    user_id UUID NOT NULL REFERENCES users (id),
    expires_at TIMESTAMPTZ NOT NULL
);

Or should I separate the profile information into a separate table like this:

CREATE TABLE users (
    id UUID PRIMARY KEY,
    profile_id UUID
);

CREATE TABLE profiles (
    id UUID PRIMARY KEY,
    name TEXT NOT NULL,
    username TEXT NOT NULL
);

ALTER TABLE users ADD FOREIGN KEY (profile_id) REFERENCES profiles (id);

CREATE TABLE sessions (
    id TEXT PRIMARY KEY,
    user_id UUID NOT NULL REFERENCES users (id),
    expires_at TIMESTAMPTZ NOT NULL
);

I feel that one advantage here is that I can simply check if the profile_id column is null or not to determine if the user has completed the registration process. But I'm not sure if this a good idea.

Any opinions of this? What's the conventional way of going about this?

Improve this question
5
  • 3
    In your registration flow, what can a user do between the OAuth step and providing name & username? Can they close their browser session? Can they use the site in any way?
    – Bart van Ingen Schenau
    Commented Oct 3, 2024 at 13:37
  • After the initial OAuth login, the user does not gain any privileges compared to anonymous users, except the sign in page will directly redirect them to the registration form. They should be able to close the browser session and try to log in again later.
    – Kyle Richards
    Commented Oct 3, 2024 at 16:10
  • If they user cannot do anything except complete their user profile, do you need anything saved to the database at all prior to submitting the profile form? I don't see two steps at all. At least not from a data storage perspective.
    – Greg Burghardt
    Commented Oct 3, 2024 at 17:00
  • I need to store and track the session in the database (I'm using db-backed sessions). I omitted this in the post, but I'm also storing metadata info from the OAuth provider when the user first logged in, with another separate table.
    – Kyle Richards
    Commented Oct 3, 2024 at 17:28
  • The session is transient data, not a core part of someone's user profile, especially when there is no user profile.
    – Greg Burghardt
    Commented Oct 3, 2024 at 17:46

1 Answer 1

Reset to default
1

With a Single Users Table and nullable fields is typically more efficient for simple flows. It minimizes joins and keeps queries straightforward. You can easily check if registration is complete by verifying if name or username is null.

However, separating profiles into its own table provides better normalization and scalability. If you expect profile growth or need more structured data. This also cleanly separate concerns between authentication (OAuth) and user profile details.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.