Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/katsari/rails-multitenant-api
Rails API starter that includes row based multitenant architecture, RLS, authentication, authorization and test framework setup.
multitenant-architecure postgresql rails-api rails6 ruby
Last synced: 4 days ago
- Host: GitHub
- URL: https://github.com/katsari/rails-multitenant-api
- Owner: Katsari
- Created: 2021-09-02T15:22:05.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2021-09-21T22:05:08.000Z (over 3 years ago)
- Last Synced: 2024-12-17T11:11:36.892Z (9 days ago)
- Topics: multitenant-architecure, postgresql, rails-api, rails6, ruby
- Language: Ruby
- Homepage:
- Size: 1.01 MB
- Stars: 6
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Rails Multitenant API (WIP)
This is an opinionated Rails application designed to be used as a starter or example of how to implement a REST API with row-based multitenancy and extra security by leveraging PostgreSQL's Row Level Security (RLS).
## Main features
* Row-based multitenancy for data isolation (adding `tenant_id` to almost all tables).
* Automatically add `tenant_id` to database queries using [activerecord-multi-tenant](https://github.com/citusdata/activerecord-multi-tenant).
* A second layer of security for data restriction by using PostgreSQL's Row Level Security (see [PG Docs](https://www.postgresql.org/docs/current/ddl-rowsecurity.html)). Easy policy definition, migrations and controller integration with [rls_rails](https://github.com/suus-io/rls_rails).
* Email authentication using [Devise Token Auth](https://github.com/lynndylanhurley/devise_token_auth), including:
  * User registration, creation, update and deletion
  * Login and logout
  * Password reset, account confirmation
* Permission-based authorization using [CanCanCan](https://github.com/CanCanCommunity/cancancan).
* Graph API using RESTful Resources by leveraging the amazing [Graphiti](https://www.graphiti.dev/guides/) gem, which includes:
  * JSON:API specification (also supports JSON and XML responses)
  * Sorting
  * Pagination
  * Filtering
  * Statistics
  * Error handling
  * Side-loading and side-posting
* Test framework setup ready for writing unit, request, resource and API tests (RSpec + Factory Bot + Faker + Shoulda Matchers + Database Cleaner + Graphiti spec helpers). Includes tests for users, roles, sessions, registrations and token validations.