Built-in Users Collection Guide - Go SDK Documentation

This guide explains how to use the built-in users collection for authentication, registration, and API rules. The users collection is automatically created when BosBase is initialized and does not need to be created manually.

Overview
Users Collection Structure
User Registration
User Login/Authentication
API Rules and Filters with Users
Using Users with Other Collections
Complete Examples

Overview

The users collection is a built-in auth collection that is automatically created when BosBase starts. It has:

Collection ID: _pb_users_auth_
Collection Name: users
Type: auth (authentication collection)
Purpose: User accounts, authentication, and authorization

Important:

✅ DO NOT create a new users collection manually
✅ DO use the existing built-in users collection
✅ The collection already has proper API rules configured
✅ It supports password, OAuth2, and OTP authentication

Getting Users Collection Information

// Get the users collection details
usersCollection, err := client.Collections.GetOne("users", nil)
if err != nil {
    log.Fatal(err)
}

id, _ := usersCollection["id"].(string)
name, _ := usersCollection["name"].(string)
collectionType, _ := usersCollection["type"].(string)

fmt.Printf("Collection ID: %s\n", id)
fmt.Printf("Collection Name: %s\n", name)
fmt.Printf("Collection Type: %s\n", collectionType)

Users Collection Structure

System Fields (Automatically Created)

These fields are automatically added to all auth collections (including users):

Field Name	Type	Description	Required	Hidden
`id`	text	Unique record identifier	Yes	No
`email`	email	User email address	Yes*	No
`username`	text	Username (optional, if enabled)	No*	No
`password`	password	Hashed password	Yes*	Yes
`tokenKey`	text	Token key for auth tokens	Yes	Yes
`emailVisibility`	bool	Whether email is visible to others	No	No
`verified`	bool	Whether email is verified	No	No
`created`	date	Record creation timestamp	Yes	No
`updated`	date	Last update timestamp	Yes	No

*Required based on authentication method configuration (password auth, username auth, etc.)

Default API Rules

The users collection comes with these default API rules:

{
    "listRule":  "id = @request.auth.id",    // Users can only list themselves
    "viewRule":  "id = @request.auth.id",   // Users can only view themselves
    "createRule": "",                        // Anyone can register (public)
    "updateRule": "id = @request.auth.id", // Users can only update themselves
    "deleteRule": "id = @request.auth.id"  // Users can only delete themselves
}

User Registration

Create User Account

// Create a new user account
user, err := client.Collection("users").Create(&bosbase.CrudMutateOptions{
    Body: map[string]interface{}{
        "email":          "user@example.com",
        "password":        "password123",
        "passwordConfirm": "password123",
        "name":           "John Doe",
    },
})
if err != nil {
    log.Fatal(err)
}

userID, _ := user["id"].(string)
fmt.Printf("Created user: %s\n", userID)

User Login/Authentication

Password Authentication

// Authenticate with email and password
authData, err := client.Collection("users").AuthWithPassword(
    "user@example.com",
    "password123",
    "", "", nil, nil, nil,
)
if err != nil {
    log.Fatal(err)
}

// Auth data is automatically stored
fmt.Printf("Authenticated: %v\n", client.AuthStore.IsValid())
fmt.Printf("Token: %s\n", client.AuthStore.Token())

Check Authentication Status

if client.AuthStore.IsValid() {
    record := client.AuthStore.Record()
    email, _ := record["email"].(string)
    fmt.Printf("Authenticated as: %s\n", email)
} else {
    fmt.Println("Not authenticated")
}

Logout

client.AuthStore.Clear()

Using Users with Other Collections

Reference Users in Other Collections

// Create a post with author reference
authRecord := client.AuthStore.Record()
userID, _ := authRecord["id"].(string)

post, err := client.Collection("posts").Create(&bosbase.CrudMutateOptions{
    Body: map[string]interface{}{
        "title":  "My Post",
        "author": userID, // Reference to users collection
    },
})

Complete Examples

package main

import (
    "fmt"
    "log"
    
    bosbase "github.com/bosbase/go-sdk"
)

func main() {
    client := bosbase.New("http://localhost:8090")
    defer client.Close()
    
    // Register new user
    user, err := client.Collection("users").Create(&bosbase.CrudMutateOptions{
        Body: map[string]interface{}{
            "email":          "newuser@example.com",
            "password":        "securepassword123",
            "passwordConfirm": "securepassword123",
            "name":           "New User",
        },
    })
    if err != nil {
        log.Fatal(err)
    }
    
    userID, _ := user["id"].(string)
    fmt.Printf("Registered user: %s\n", userID)
    
    // Login
    _, err = client.Collection("users").AuthWithPassword(
        "newuser@example.com",
        "securepassword123",
        "", "", nil, nil, nil,
    )
    if err != nil {
        log.Fatal(err)
    }
    
    fmt.Println("Successfully authenticated!")
}

Authentication - Complete authentication guide
Collections - Collection configuration
API Rules and Filters - Access control