Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/RodolfoSilva/hasura-auth

🔐 Hasura Auth 🔐
https://github.com/RodolfoSilva/hasura-auth

Last synced: 3 months ago
JSON representation

🔐 Hasura Auth 🔐

Host: GitHub
URL: https://github.com/RodolfoSilva/hasura-auth
Owner: RodolfoSilva
License: mit
Archived: true
Created: 2019-04-17T04:04:51.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2021-05-10T06:35:05.000Z (over 3 years ago)
Last Synced: 2024-08-21T13:18:15.549Z (4 months ago)
Language: TypeScript
Homepage:
Size: 1.09 MB
Stars: 62
Watchers: 8
Forks: 12
Open Issues: 5
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # Hasura Auth [WIP]

Inspired by the [hasura-backend-plus](https://github.com/elitan/hasura-backend-plus)

## Setup

Create tables and initial state for your user management.

```sql

CREATE EXTENSION IF NOT EXISTS citext WITH SCHEMA public;

CREATE TABLE "role" (

  name text NOT NULL PRIMARY KEY,

  created_at timestamp with time zone NOT NULL DEFAULT now()

);

INSERT INTO "role" ("name") VALUES ('user');

CREATE TABLE "organization" (

  id uuid DEFAULT gen_random_uuid() NOT NULL CONSTRAINT organization_pkey PRIMARY KEY,

  name text NOT NULL,

  created_at timestamp WITH TIME ZONE DEFAULT now() NOT NULL,

  updated_at timestamp WITH TIME ZONE DEFAULT now() NOT NULL

);

CREATE TABLE "user" (

  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),

  organization_id uuid NULL CONSTRAINT user_organization_id_fkey REFERENCES "organization" ON UPDATE CASCADE ON DELETE CASCADE,

  email citext NOT NULL,

  password text NOT NULL,

  default_role text NOT NULL DEFAULT 'user',

  is_active boolean NOT NULL DEFAULT false,

  secret_token uuid NOT NULL,

  created_at timestamp with time zone NOT NULL DEFAULT now(),

  updated_at timestamp with time zone NOT NULL DEFAULT now(),

  CONSTRAINT user_email_organization_id_key UNIQUE (email, organization_id),

  FOREIGN KEY (default_role) REFERENCES role (name)

);

CREATE TABLE "user_role" (

  id uuid DEFAULT gen_random_uuid() NOT NULL CONSTRAINT user_role_pkey PRIMARY KEY,

  user_id uuid NOT NULL CONSTRAINT user_role_user_id_fkey REFERENCES "user" ON UPDATE CASCADE ON DELETE CASCADE,

  role text NOT NULL,

  created_at timestamp WITH TIME ZONE DEFAULT now() NOT NULL,

  updated_at timestamp WITH TIME ZONE DEFAULT now() not null,

  CONSTRAINT user_role_user_id_role_key UNIQUE (user_id, role)

);

CREATE TABLE "user_session" (

  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),

  user_agent text NULL,

  ip_address text NULL,

  user_id uuid NOT NULL,

  refresh_token text NOT NULL,

  expires_at timestamp with time zone NOT NULL,

  created_at timestamp with time zone NOT NULL DEFAULT now(),

  updated_at timestamp with time zone NOT NULL DEFAULT now(),

  FOREIGN KEY (user_id) REFERENCES "user" (id)

);

```

### Track your tables and relations in Hasura

Go to the Hasura console. Click the "Data" menu link and then click "Track all" under both "Untracked tables or views" and "Untracked foreign-key relations"

### Enable auth hook

Set your hasura environment to use this configuration:

```

HASURA_GRAPHQL_AUTH_HOOK=https:///hook

```

[Read more...](https://docs.hasura.io/1.0/graphql/manual/auth/webhook.html)

### Use Remote Schema

Go to the Hasura console. Clink the "Remote Schemas" menu link and then click "Add".

Set a name to "Remote Schema name" like you prefer eg. (hasura-auth) and set the "GraphQL server URL" to use tbe url `https:///graphql`/

In "Headers for the remote GraphQL server" select the option "Forward all headers from client". After that clink an "Add Remote Schema" button

## Environment

| name                            | default                                       | description                           |

| ------------------------------- | --------------------------------------------- | ------------------------------------- |

| `PORT`                          | `4000`                                        | Express server port                   |

| `HASURA_GRAPHQL_ENDPOINT`       | `http://graphql-engine:8080/v1alpha1/graphql` | Endpoit to hasura server              |

| `HASURA_GRAPHQL_ADMIN_SECRET`   | `NULL`                                        | Admin secrete key of hasura console   |

| `HASURA_GRAPHQL_CLAIMS_KEY`     | `https://hasura.io/jwt/claims`                | Key hequired by hasura in JWT         |

| `HASURA_GRAPHQL_HEADER_PREFIX`  | `x-hasura-`                                   | Hasura header prefix                  |

| `USER_REGISTRATION_AUTO_ACTIVE` | `true`                                        | Auto active the user account          |

| `REFRESH_TOKEN_EXPIRES_IN`      | `43200`                                       | Life time in minutes of refresh token |

| `JWT_ALGORITHM`                 | `HS256`                                       | JWT Algorithm                         |

| `JWT_PRIVATE_KEY`               | `secretkey`                                   | JWT Secret key used to generate token |

| `JWT_TOKEN_EXPIRES`             | `15`                                          | Life time in minutes of JWT           |

| `ALLOW_REGISTRATION_FOR`        | `*`                                           | Allow registration by role            |

| `ALLOW_EMPTY_ORGANIZATION`      | `true`                                        | Allow use empty organization          |

## Todo

- [ ] Google Login

- [ ] Facebook Login

- [ ] Twitter Login

## License

MIT