Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/madsodgaard/vapor-auth-template
A Vapor 4 template with authentication, Fluent, JWT, Queues, repository pattern, testing and more.
https://github.com/madsodgaard/vapor-auth-template
authentication jwt server-side-swift swift vapor4
Last synced: 5 days ago
JSON representation
A Vapor 4 template with authentication, Fluent, JWT, Queues, repository pattern, testing and more.
- Host: GitHub
- URL: https://github.com/madsodgaard/vapor-auth-template
- Owner: madsodgaard
- License: mit
- Created: 2020-04-10T09:27:08.000Z (almost 5 years ago)
- Default Branch: main
- Last Pushed: 2023-08-07T11:32:02.000Z (over 1 year ago)
- Last Synced: 2025-01-10T08:18:48.889Z (12 days ago)
- Topics: authentication, jwt, server-side-swift, swift, vapor4
- Language: Swift
- Homepage:
- Size: 49.8 KB
- Stars: 232
- Watchers: 12
- Forks: 35
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Vapor Authentication Template
[](http://swift.org)
[](https://vapor.codes)
This package is a Vapor 4 template to showcase different features and include authentication functions needed for a lot of apps. It uses concepts such as: repository pattern, queues, jwt, fluent, testing and mailgun
The template can be cloned and configured/changed to fit your needs, but should give a good starting point to anyone new to Vapor.
## Features
* User registration
* User login
* Reset password
* Email verification
* Refresh and access tokens
* Testing
* JWT Authentication
* Queues for email sending
* Repository Pattern
* Mailgun
## Routes
| URL | HTTP Method | Description | Content (Body) |
|---------------------------------|:-----------:|----------------------------------------------------------|-------------------------|
| /api/auth/register | POST | Registers a user and sends email verification | `RegisterRequest` |
| /api/auth/login | POST | Login with existing user (requires email verification) | `LoginRequest` |
| /api/auth/email-verification | GET | Used to verify an email with a email verification token | Query parameter `token` |
| /api/auth/email-verification | POST | (Re)sends email verification to a specific email | `SendEmailVerification` |
| /api/auth/reset-password | POST | Sends reset-password email with token | `ResetPasswordRequest` |
| /api/auth/reset-password/verify | GET | Verifies a given reset-password token | Query parameter `token` |
| /api/auth/recover | POST | Changes user password with reset-password token supplied | `RecoverAccountRequest` |
| /api/auth/me | GET | Returns the current authenticated user | None |
| /api/auth/accessToken | POST | Gives the user a new accesstoken and refresh token | `AccessTokenRequest` |
## Configuration
### Environment variables
These environment variables will be used for configuring different services by default:
| Key | Default Value | Description |
|---------------------|--------------------------|-----------------------------------------------------------------------------------------------------|
| `POSTGRES_HOSTNAME` | `localhost` | Postgres hostname |
| `POSTGRES_USERNAME` | `vapor` | Postgres usernane |
| `POSTGRES_PASSWORD` | `password` | Postgres password |
| `POSTGRES_DATABASE` | `vapor` | Postgres database |
| `JWKS_KEYPAIR_FILE` | `keypair.jwks` | JWKS Keypair file relative to root directory see "JWT" section for more info |
| `MAILGUN_API_KEY` | None | Mailgun API Key |
| `SITE_API_URL` | None | The URL where your API will be hosted ex: "https://api.myapp.com" (used for email-verification URL) |
| `SITE_FRONTEND_URL` | None | The URL where your frontend will be hosted ex: "http://myapp.com" (used for reset-password URL) |
| `NO_REPLY_EMAIL` | None | The no reply email that will be used for Mailgun |
| `REDIS_URL` | `redis://127.0.0.1:6379` | Redis URL for Queues worker. |
### App config
`AppConfig` contains configuration like API URL, frontend URL and no-reply email. It loads from environment variables by default. Otherwise you can override it inside `configure.swift`:
```swift
app.config = .init(...)
```
### Constants
`Constants.swift` contains constants releated to tokens lifetime.
| Token | Lifetime |
|--------------------------|------------|
| Access Token | 15 minutes |
| Refresh Token | 7 days |
| Email Verification Token | 24 hours |
| Reset Password Token | 1 hour |
### Mailgun
The template uses [VaporMailgunService](https://github.com/vapor-community/VaporMailgunService) and be configured as it states in the documentation. `Extensions/Mailgun+Domains.swift` contains the domains.
### JWT
This package uses JWT for Access Tokens, and by default it loads JWT credentials from a JWKS file called `keypair.jwks` in the root directory. You can generate a JWKS keypair at https://mkjwk.org/