Alternatives to Email Pin?

I’ve been trying to think of alternative ways of protecting some data while reducing the burden on users. Is there any plan to change this :point_down:?

Using if/then columns, template columns, and relations, I could check a currently logged-in user against an email whitelist and also check for a password match. If those things are verified, the current user becomes a row owner for all relevant data.

This would be huge for me and I imagine others. Would also make it more functional to have gated access to content - some parts are public to all (such as selling points of app, greeting), but you have to be an authorized user who is signed-in to access the rest.

Computed columns are computed on a user’s device after all data is downloaded. Those computations do not happen on the server. At that point attempting to apply row owners to a computed column would be pointless because data security would have already been compromised by pushing all data to a user device instead of only the user’s owned rows. At that point it would be no different than using a filter.


Oh ok, that makes total sense. I suppose I tried to find hope in the “You cannot at the moment …” part of the notice, thinking it might be possible in the future. Back to the drawing board.

1 Like

Yeah, I think it would take a complete rework of how glide works now, to make something like that possible.

Easy man, just put a validation code on the user table, create a self relation to it that point from a user-column field that has to be introduced once
Then you must check in all functionalities if the self relation is not empty (or even better a look to it) then this is your user.
The best is to put this value in a global variable, means a variable that is in table with one record only where you put all informations useful across all tables ( like the current user code )
Is it clear?

Thanks for jumping in. I’m not 100% sure I understand your point, but I think you are talking about ways to filter or create conditions for visibility based on validation? If so, that won’t be secure enough for what I’m looking for. If you are talking about something else please let me know because I am very open to any ways to make this better for my users!

let me prepare something so I make it more clear.
give me few minutes

have a look at this, I hope I got what is your need.

actually sorry, also the passcode field in LastClick table must be user-column

ERRATA CORREGE: the ROW OWNER must be removed otherwise there is no access to the USER info!
So the question is, can the value of the PASSCODE be captured by others?
to increase safeness is possible to encrypt the introduced passcode as well the one is on the table.

I made this app available for copy… just in case.

Thank you for putting in this effort! I think the ultimate challenge I have is that the access to certain tabs and data will rely on conditions, rather than being truly protected. You’re working toward a more sophisticated way of checking a password, but my understanding is that without using the existing authentication method or row owners, a person can still access data that they shouldn’t.

For example, let’s say I want to only allow approved users access to my course. The average user wouldn’t necessarily know how to access all the data for that course unless it is laid out for them in visible tabs and screens. However, if access to the course is only gated using visibility conditions and filters to either show or not show those tabs, a sophisticated/motivated person could still access all of the data anyway.

1 Like

yes, the row owner is verified against the User profile entrance only (unfortunately).

If you are using a GSheet then you could use vlookups to fill in your row owner columns. I try (wherever possible) to include the row owner info in a set column values or an add row action. For every other row owner I use vlookups to bring in the data.

1 Like