{"id":16799070,"url":"https://github.com/monacoremo/postgrest-sessions-example","last_synced_at":"2025-03-22T02:30:54.084Z","repository":{"id":41444594,"uuid":"231981227","full_name":"monacoremo/postgrest-sessions-example","owner":"monacoremo","description":"An example on how to implement session-based authentication with PostgREST","archived":false,"fork":false,"pushed_at":"2020-02-16T12:30:07.000Z","size":58,"stargazers_count":57,"open_issues_count":3,"forks_count":10,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-03-15T15:51:49.680Z","etag":null,"topics":["nix","postgrest","sql"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/monacoremo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-01-05T21:55:57.000Z","updated_at":"2024-07-31T09:25:50.000Z","dependencies_parsed_at":"2022-08-01T00:08:39.873Z","dependency_job_id":null,"html_url":"https://github.com/monacoremo/postgrest-sessions-example","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/monacoremo%2Fpostgrest-sessions-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/monacoremo%2Fpostgrest-sessions-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/monacoremo%2Fpostgrest-sessions-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/monacoremo%2Fpostgrest-sessions-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mona
coremo","download_url":"https://codeload.github.com/monacoremo/postgrest-sessions-example/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244897759,"owners_count":20528287,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["nix","postgrest","sql"],"created_at":"2024-10-13T09:27:47.419Z","updated_at":"2025-03-22T02:30:53.665Z","avatar_url":"https://github.com/monacoremo.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# PostgREST sessions example\n\n\u003e Work in progress - feedback and contributions welcome!\n\nThis is an example of how session-based authentication can be implemented with\n[PostgREST](https://postgrest.org/).\n\nThe key file in this example is [app.sql.md](app.sql.md), which is a literate\nSQL file (like [literate Haskell](https://wiki.haskell.org/Literate_programming)\nfiles). As a Markdown file, it explains how to set up an application with\nsessions. At the same time, it's also a full SQL script that defines the\napplication when you filter for the SQL code blocks.\n\nYou can get the filtered SQL script by running\n`sed -f deploy/md2sql.sed \u003capp.sql.md \u003eapp.sql`\n\n\n## How to implement session-based authentication with PostgREST\n\nWe leave the JWT-based authentication of PostgREST unused and implement our own\nauthentication setup using the `pre-request` hook that PostgREST provides.\n\nThe application tracks sessions in its own [`sessions`\ntable](app.sql.md#sessions).\n\nThe business logic for logging in, logging out etc. 
is defined using functions\nin the [`auth` schema](app.sql.md#login).\n\nFunctions that we expose as endpoints in the [`api`\nschema](app.sql.md#login-api-endpoint) wrap the business logic functions in\n`auth` to set cookies and raise errors to users where appropriate.\n\nTo tie everything together, we hook up the [`authenticate`\nfunction](app.sql.md#authentication-hook) as a `pre-request` in\n[`postgrest.conf`](postgrest.conf), so that it runs before every request. It\nreads the session token from the request cookies and switches to the\nappropriate role and `user_id` based on the session.\n\n\n## Dependencies\n\nOn Linux, you'll need\n* [PostgreSQL](https://www.postgresql.org/) 9.5 or higher with the\n  [`pgtap`](https://pgtap.org/) extension (I tested this with PostgreSQL 12.1,\n  but older versions should also be fine as long as they have the Row Level\n  Security feature).\n* [PostgREST](https://github.com/PostgREST/postgrest/releases) \u003e= 6.0\n\nIf you have Nix (highly recommended, get it here: [Getting\nNix](https://nixos.org/nix/download.html)), running `nix-shell` in this\ndirectory will drop you in a shell where all dependencies are available,\nwithout any permanent changes to your environment. The environment is defined\nin [`shell.nix`](shell.nix).\n\n\n## Running the application\n\nRun [`deploy/deploy-local.sh`](deploy/deploy-local.sh) and access the PostgREST\nAPI at [`http://localhost:3000/`](http://localhost:3000/). The script will run\nPostgreSQL in a temporary directory and connect it to PostgREST via a Unix\ndomain socket. The application is automatically loaded from the `app.sql.md`\nfile.\n\nYou'll need to have the `postgrest` binary on your path. If you downloaded it\ninto this directory, you should be able to run `PATH=\".:$PATH\"\ndeploy/deploy-local.sh`. 
The Nix shell environment from above will also take\ncare of this.\n\nPress `Ctrl-c` to exit and clean up the directory where the temporary database\nwas set up.\n\n\n## Development and testing\n\nTo quickly iterate on the database schema, you can run something like `echo\napp.sql.md | entr -r deploy/deploy-local.sh`. This will load the schema\ninto a fresh database on every change, including the test suite defined\nwithin it.\n\n\u003e The [`entr`](http://eradman.com/entrproject/) utility (which is also provided in\n\u003e the Nix environment) takes a list of files to watch on `stdin` and restarts\n\u003e the command if any of the given files is changed.\n\nTo run the integration tests in [`tests.py`](tests.py), you'll need\nPython 3 with `py.test` and `requests`. To run the full test-suite on each\nchange, you can run, for example: `ls | entr -r deploy/test-local.sh`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmonacoremo%2Fpostgrest-sessions-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmonacoremo%2Fpostgrest-sessions-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmonacoremo%2Fpostgrest-sessions-example/lists"}