espinet

Reputation: 1703

User account design and security

Before I begin, I am using Ruby on Rails and the Devise gem for user authentication.

Hi, I was doing some research about account security and I found a blog post about the topic a while ago, but I can no longer find it again. I read something about when making a login system you should have 1 model for User; this contains a user's username, encrypted password, and email. You should also have a model for a user's Account. This contains everything else. A User has an Account.

I don't know if I'm explaining this correctly since I haven't seen the blog post for several months and I lost my bookmark.

Could someone explain how and why I should or shouldn't do this? My application deals with money, so I need to cover my bases with security.

Thanks.

Upvotes: 3

Views: 891

Answers (2)

bsboris

Reputation: 639

Well, it looks like a good architectural decision to keep those models separate because they refer to different entities: the User model belongs to the auth system and the Account model belongs to the user profile management system. But it all depends. If your models are really tiny (say, 3-5 fields each), you probably couldn't get any advantages from such a separation, only additional headache. But if your models are large and, say, the User model is going to be used much more frequently, then you should think hard about implementing different models for clarity and performance reasons.

Upvotes: 1

lbz

Reputation: 9748

Using different models to handle User (a model that handles basic authentication) and Account (a model that holds all the information about what a user can do, how, ...) could give you some pluses:

  1. storing User's data using a secondary storage system exposing higher security level
  2. restricting User's data access by other application artifacts (models, controllers, whatever)
  3. making code review and security audit easier

I tend to add personal information (real name, phone number, ...) to the User model while exposing operational data about the user in the Account model (nickname, bio, ...).

Upvotes: 3
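A plain-Ruby sketch of the split both answers describe, added here as an example and not code from either poster or from Devise: User holds only the credentials with a single authenticate entry point, Account holds the operational data (the has_one side) and refers to the user by id, so anything rendered from an Account cannot reach the password digest. PBKDF2 from OpenSSL stands in for the bcrypt hashing Devise uses, and every name and value below is constructed.

```ruby
require 'openssl'
require 'securerandom'

# Constant-time byte comparison so a wrong guess cannot be timed against a right one.
def secure_eq(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# User: the authentication record only (what Devise keeps in its own table).
# PBKDF2 stands in for Devise's bcrypt here; the parameters are illustrative.
class User
  ITERATIONS = 100_000
  attr_reader :id, :username, :email

  def initialize(id:, username:, email:, password:)
    @id, @username, @email = id, username, email
    @salt = SecureRandom.random_bytes(16)
    @encrypted_password = derive(password)
  end

  # The one place in the application that touches the secret.
  def authenticate(password)
    secure_eq(derive(password), @encrypted_password)
  end

  # Identity fields that may be shown elsewhere; digest and salt never leave.
  def to_h
    { id: @id, username: @username, email: @email }
  end

  private

  def derive(password)
    OpenSSL::KDF.pbkdf2_hmac(password, salt: @salt, iterations: ITERATIONS,
                             length: 32, hash: 'sha256')
  end
end

# Account: everything the rest of the application works with (has_one side).
class Account
  attr_reader :user_id, :nickname, :bio, :balance_cents

  def initialize(user:, nickname:, bio:, balance_cents: 0)
    @user_id = user.id # hold the id, not the User object, so credentials stay unreachable
    @nickname, @bio, @balance_cents = nickname, bio, balance_cents
  end

  # What a controller, view or API serializer renders: no credential field exists to leak.
  def to_h
    { user_id: @user_id, nickname: @nickname, bio: @bio, balance_cents: @balance_cents }
  end
end
```

Auditing who can read credentials then reduces to grepping for callers of User#authenticate, which is the review advantage the answer's third point refers to.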
