Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/fsmaiorano/next-saas-rbac

🍵 A multi-tenant SaaS with Next.js including authentication and RBAC authorization.
https://github.com/fsmaiorano/next-saas-rbac

bcryptjs casl-permission fastify nextjs nodejs prisma-orm turborepo typescript zod

Last synced: 4 days ago
JSON representation

🍵 A multi-tenant SaaS with Next.js including authentication and RBAC authorization.

Host: GitHub
URL: https://github.com/fsmaiorano/next-saas-rbac
Owner: fsmaiorano
Created: 2024-04-27T10:10:08.000Z (8 months ago)
Default Branch: main
Last Pushed: 2024-06-10T13:27:09.000Z (7 months ago)
Last Synced: 2024-11-05T13:15:59.331Z (about 2 months ago)
Topics: bcryptjs, casl-permission, fastify, nextjs, nodejs, prisma-orm, turborepo, typescript, zod
Language: TypeScript
Homepage:
Size: 1.65 MB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # Next.js SaaS + RBAC 🍵

This project contains all the necessary boilerplate to setup a multi-tenant SaaS with Next.js including authentication and RBAC authorization.

## How to run

### Prerequisites

- Node.js 14.x

- Yarn 1.x

- Docker

- Docker Compose

- Git

- GitHub account

- GitHub OAuth application

### Setup

1. Clone the repository:

```bash

git clone

```

2. Install dependencies:

```bash

yarn

```

3. Create a `.env` file based on `.env.example`:

```bash

cp .env.example .env

```

4. Fill in the environment variables:

```bash

DATABASE_URL="postgresql://postgres:postgres@localhost:5432/saas?schema=public"

GITHUB_OAUTH_CLIENT_ID=""

GITHUB_OAUTH_CLIENT_SECRET=""

GITHUB_OAUTH_REDIRECT_URL="http://localhost:3000/api/auth/callback"

JWT_SECRET="jwtSecretKey"

JWT_EXPIRES_IN="1d"

NEXT_PUBLIC_API_URL="http://localhost:3333"

```

5. Start the database:

```bash

docker-compose up -d

```

6. Run the migrations:

```bash

yarn prisma migrate dev

```

7. Start the development server:

```bash

yarn dev

```

8. Access the application at `http://localhost:3000`.

9. Access the API at `http://localhost:3333`.

## Features

### Authentication

- [X] It should be able to authenticate using e-mail & password;

- [X] It should be able to authenticate using Github account;

- [X] It should be able to recover password using e-mail;

- [X] It should be able to create an account (e-mail, name and password);

### Organizations

- [X] It should be able to create a new organization;

- [X] It should be able to get organizations to which the user belongs;

- [X] It should be able to update an organization;

- [X] It should be able to shutdown an organization;

- [X] It should be able to transfer organization ownership;

### Invites

- [X] It should be able to invite a new member (e-mail, role);

- [X] It should be able to accept an invite;

- [X] It should be able to revoke a pending invite;

### Members

- [X] It should be able to get organization members;

- [X] It should be able to update a member role;

### Projects

- [X] It should be able to get projects within a organization;

- [X] It should be able to create a new project (name, url, description);

- [X] It should be able to update a project (name, url, description);

- [X] It should be able to delete a project;

### Billing

- [X] It should be able to get billing details for organization ($20 per project / $10 per member excluding billing role);

## RBAC

Roles & permissions.

### Roles

- Owner (count as administrator)

- Administrator

- Member

- Billing (one per organization)

- Anonymous - (pending...)

### Permissions table

|                          | Administrator | Member | Billing | Anonymous |

| ------------------------ | ------------- | ------ | ------- | --------- |

| Update organization      | ✅            | ❌     | ❌      | ❌        |

| Delete organization      | ✅            | ❌     | ❌      | ❌        |

| Invite a member          | ✅            | ❌     | ❌      | ❌        |

| Revoke an invite         | ✅            | ❌     | ❌      | ❌        |

| List members             | ✅            | ✅     | ✅      | ❌        |

| Transfer ownership       | ⚠️            | ❌     | ❌      | ❌        |

| Update member role       | ✅            | ❌     | ❌      | ❌        |

| Delete member            | ✅            | ⚠️     | ❌      | ❌        |

| List projects            | ✅            | ✅     | ✅      | ❌        |

| Create a new project     | ✅            | ✅     | ❌      | ❌        |

| Update a project         | ✅            | ⚠️     | ❌      | ❌        |

| Delete a project         | ✅            | ⚠️     | ❌      | ❌        |

| Get billing details      | ✅            | ❌     | ✅      | ❌        |

| Export billing details   | ✅            | ❌     | ✅      | ❌        |

> ✅ = allowed

> ❌ = not allowed

> ⚠️ = allowed w/ conditions

#### Conditions

- Only owners may transfer organization ownership;

- Only administrators and project authors may update/delete the project;

- Members can leave their own organization;