Identity & Access
Authentication, authorization, tenant isolation, and organization management for the Trovella multi-tenant platform.
The Identity & Access domain covers how users prove who they are (authentication), what they are allowed to do (authorization), how tenant boundaries are enforced across all layers, and how the organization model structures multi-tenancy.
Topics
Authentication
Google OAuth sign-in via Better Auth, session management, cookie caching, personal organization bootstrapping, and Personal Access Tokens (PATs) for MCP integration.
Authorization
CASL permission rules, role-based and attribute-based access control, ability definitions, and how permissions are enforced in tRPC routers.
Organizations
Three-tier organization model (personal/family/company), membership, invitations, and organization switching.
Tenant Isolation
The three-layer defense-in-depth model (session context, CASL, RLS), how the layers work in concert, enforcement mechanisms that prevent RLS bypass, and architecture review rules for tenant-scoped code.
Key Packages
| Package | Role |
|---|---|
| @repo/auth | Better Auth configuration, session management, Google OAuth, org bootstrapping |
| @repo/api | CASL ability definitions, procedure chain from protectedProcedure to authorizedProcedure |
| @repo/db | Auth schema tables, RLS policies on member and invitation |
Cross-Domain References
- Data & Storage -- Tenant Scoping -- RLS policies that enforce tenant isolation at the database layer
- Data & Storage -- Procedure Chain -- the tRPC middleware chain that connects authentication to authorization to database access
- Infrastructure -- Secrets & Configuration -- auth-related environment variables and secret management
- Infrastructure -- Deployment -- Google OAuth consent screen for production