Title: Structuring a Membership App for Subscribers with Exclusive Content Access

daniel_jackman · January 2, 2025, 4:54am

Hello Wappler Community,

I’m planning to build a membership app where users can sign up or log in to gain access to a members-only area with exclusive content. To clarify:

I don’t need to manage or create content dynamically; I just want to restrict access to specific sections/pages based on membership status.
I don’t want the content to be publicly accessible or indexed by search engines—it should remain completely behind a login wall.
I’m not looking to gate content in the sense of showing public content (like blog posts or videos) where users scroll down and then see a sign-up prompt. Instead, the content will only be visible after login.
Access to content will also depend on membership levels or user roles.

I’m a bit unsure how to structure this properly in Wappler. Should I be using Database Security Provider, User Roles, or some specific tools/modules in Wappler?

If anyone could guide me on:

Best practices for setting up user authentication and restricted pages
How to structure the backend and database for member roles or permissions
Any step-by-step tutorials or documentation links for creating a basic membership structure in Wappler

Thanks in advance for your help—I’m excited to get started!

ben · January 2, 2025, 5:20am

Have you had a look at this playlist?

https://www.youtube.com/playlist?list=PLUjqTJN3byC9W9UFjsV9f9vefe_ZSFQfb

daniel_jackman · January 2, 2025, 9:49pm

Hi Ben, I haven’t seen those. If you’ve reviewed them all, could you let me know if any specific videos from this list might be helpful? as I’m already familiar with the Wappler platform.

Apple · January 2, 2025, 10:03pm

Hi,

This is the hardest thing to decide, and I'm not an expert in such architectures but I'll try to answer anyway.

Membership levels can be numbers from 0 to whatever, or user roles can be like "member-plus", "member-premium". Or you can have a table that grants certain content/course to a user ID:

course_id, user_id
30, 1

My personal opinion, what provides the most flexibility is the last approach above - that's what I would choose.

In the websites I build I only use Database Security provider, I don't use User Roles (I'm not familiar with them), every logic I build manually using Conditions to check if the user is allowed to access a given resource. I also make use of Global steps ("Globals") to run those checks:

Evaldas · January 3, 2025, 9:45am

Also, in case you have a lot of dynamic content, where different members will have a different access to a diferent content, you may need a different approach to accessing your content. I had such case, where member tree has more leaf bracnhes than the basic user roles were able to handle.

However, the complexity only makes sense if the amount of content differs user by user, if the default rules are sufficient enough, id just stick with simplicity.

But if you need something more complex, why not to create seperate table

`CREATE TABLE users (
    id INT4 PRIMARY KEY
);

CREATE TABLE content (
    id UUID PRIMARY KEY,
    --other content columns
);

CREATE TABLE permissions (
    id UUID PRIMARY KEY,
    user_id INT4 REFERENCES users(id),
    content_id UUID REFERENCES content(id),
    view_content BOOLEAN,
    download_content BOOLEAN
    -- other permission columns
);

SELECT content.*, permissions.*
FROM content
INNER JOIN permissions ON permissions.content_id = content.id
INNER JOIN users ON users.id = permissions.user_id
WHERE users.id = :P1 (binded to identity)
AND content.id = :P2 (binded to contet.id e.g. D5E6B366-C9B4-11EF-B68D-F6B5725DCBF8
)

If record exists, you gain access to permissions to given content.
With this approach, you can set dynamic permissions to each of the content within db