开发者

It is possible to manage users/identities in a data store that exhibits eventual consistency?

开发者 https://www.devze.com 2023-04-03 09:46 出处:网络
Is it possible to create/store user accounts in a data store that exhibits eventual consistency? It seems impossible to manage account creation without a heap of ar开发者_如何学编程chitectural comple

Is it possible to create/store user accounts in a data store that exhibits eventual consistency?

It seems impossible to manage account creation without a heap of ar开发者_如何学编程chitectural complexity to avoid situations where two account with the same UID (e.g. email address) can occur?

Do users of eventual consistency stores use a separate consistent DB as an identity store, or are there solutions/patterns that I should be exploring?

Thanks in advance,

Jamie


It is possible to do use management in an eventually consistent data store. We do it. It works under the following assumptions:

  1. Conflicts shouldn't happen and when they do there's a clear path to conflict resolution. If the account ID is a person's email address, then if two separate people try to register under the same email there's a bigger problem here. What we do in this case is block both new accounts as soon as the conflict is discovered and send an email to the address in conflict explaining to the user that there's an issue (possible fraud). You can either ask the user to reset to the account or ask them to contact support.

  2. Repeated access by the same user within the timeframe in which the data is inconsistent go to the same replica. For instance, if a person just registered and the next request is a login, you must validate that login against the data replica where the new registration details exist. So if the eventual consistency is due to multiple data centers in different geographic locations and under normal conditions a request goes to the closest data center geographically, you're OK.

There are some edge cases, such as if a user registered against one data center, then that center crashed, and now the user cannot login even though he still can see the application - served from some other data center. You can calculate the expected frequency of this case based on your number of daily new users and average data center downtime. Then decide whether it's worth worrying about one user in a (million/billion/whatever your number is) having a problem and possibly contacting support. I faced the same decision not long ago and decided that from a cost-benefit perspective the answer is no.

0

精彩评论

暂无评论...
验证码 换一张
取 消