3

I want to make simple authorization & authentification server (with proper audit logging).

I used to see on my job or in many examples classic CRUD approach for this purposes.

But now I'm thinking about try to use CQRS (+ ES maybe) approach for my simple web-app. But this app requires authorization & authentification (of course). And I want to keep it as separate deployed app with UI for admin.

But the question is, should I implement this separate server with CQRS approach as well? Or it will be an overkill for that?

It simply should return is current user is valid and user session time left.

P.S.

Server will be implemented via C# .NET

term definitions:

CRUD: Create, read, update and delete.

CQRS + ES: Command Query Responsibility Segregation + Event Sourcing

FrustratedWithFormsDesigner
  • 46,335
Danil Gholtsman
  • 133

1 Answers1

4

You can agonize over this issue but I've found the easiest path to a good design is to come at it from the using code.

Don't worry about how easy / hard it is to write. Worry about how it is to use. Can you provide a meaningful abstraction that hides details yet doesn't surprise people? The more effort it takes to explain its use to others the less helpful it is.

What you should be taking advantage of is that, unlike the people who designed SQL or your database, you know what your use cases are. So you can specialize and simplify.

If doing all that ends up no better than CRUD then just use CRUD.

candied_orange
  • 119,268