https://github.com/willnode/uas-gitlab-auth

🔑 Microservice to grant access to GitLab private repo using Asset Store Invoice API.
api gitlab microservice nodejs unity unity-asset-store unity3d

# uas-gitlab-auth

This is a service to grant access to a GitLab private repo using the Asset Store Invoice API.

This microservice can handle multiple assets under the same publisher.

[Currently used to serve customers on my site](https://wellosoft.net/grants/)

## Install

+ Install bun
+ Write `.env`
+ `bun start`

## Environment Variables

- `UAS_TOKEN` - [Unity Asset Store Verify Invoice Token](https://publisher.assetstore.unity3d.com/verify-invoice.html#apiKeyValue).
- `GITLAB_TOKEN` - [GitLab Token with API Access](https://gitlab.com/profile/personal_access_tokens).
- `UAS_ASSETS` - Names of the assets that are permitted. Multiple assets can be separated with commas. Names should match the [names returned from the API](http://api.assetstore.unity3d.com/api-docs/#!/invoice).
- `GITLAB_REPOS` - GitLab repo IDs (number, not name) to be granted, in the same order as `UAS_ASSETS`.
- `ACCESS_ALLOW_ORIGIN` - The URL of your website or `*` if you want to allow any origin (not recommended), for the `Access-Control-Allow-Origin` header.

Below are optional settings to fine-tune access grants. If you set any non-empty value on these variables, it is treated as `true` (the default is not set, or `false`, to prevent abuse and potential pirates):

- `ALLOW_EDIT_AND_DELETE` - Allow a user to override or delete an entry if that user has entered an invoice that already exists in the data.
- `ALLOW_FREE_USERS` - Grant access to users that purchased with zero price (e.g. voucher redeem).
- `ALLOW_REFUNDED_USERS` - Grant access to users that **have** refunded their purchase.

Other optional environment variables:

- `RECAPTCHA_TOKEN` - [Google Recaptcha](https://www.google.com/recaptcha/) secret token if you plan to use recaptcha.
- `SUCCESS_REDIRECT_TO` - If the operation succeeds, redirect the user to a specific URL. `?repo=xxx` is automatically appended to it, where `xxx` is the repo ID.

By design it only grants one user per invoice.
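Because any non-empty value enables an optional flag, a setting such as `ALLOW_REFUNDED_USERS=false` turns the option on. The following is an added example, not code from this project: a hypothetical `checkEnv` helper that lints an environment object before start-up, using the variable names above and assuming the two tokens and the two lists are required.

```javascript
// Added example: lint the environment for this service before `bun start`.
// Variable names come from the README; checkEnv and its messages are hypothetical.
const FLAGS = ['ALLOW_EDIT_AND_DELETE', 'ALLOW_FREE_USERS', 'ALLOW_REFUNDED_USERS'];
const FALSY_LOOKING = new Set(['false', '0', 'no', 'off']);

function splitList(value) {
  return (value || '').split(',').map((s) => s.trim()).filter(Boolean);
}

function checkEnv(env) {
  const errors = [];
  const warnings = [];
  // Assumption: these four are mandatory (the README only marks the others optional).
  for (const name of ['UAS_TOKEN', 'GITLAB_TOKEN', 'UAS_ASSETS', 'GITLAB_REPOS']) {
    if (!env[name]) errors.push(`${name} is not set`);
  }
  const assets = splitList(env.UAS_ASSETS);
  const repos = splitList(env.GITLAB_REPOS);
  // Assets and repos are paired by position, so the lists must line up.
  if (assets.length !== repos.length) {
    errors.push(`UAS_ASSETS has ${assets.length} entries, GITLAB_REPOS has ${repos.length}`);
  }
  for (const id of repos) {
    if (!/^\d+$/.test(id)) errors.push(`GITLAB_REPOS entry "${id}" is not a numeric repo ID`);
  }
  if (env.ACCESS_ALLOW_ORIGIN === '*') warnings.push('ACCESS_ALLOW_ORIGIN is "*" (any origin)');
  // Any non-empty value enables a flag, including the string "false".
  const enabled = FLAGS.filter((f) => Boolean(env[f]));
  for (const f of enabled) {
    if (FALSY_LOOKING.has(String(env[f]).toLowerCase())) {
      warnings.push(`${f}="${env[f]}" is non-empty, so it enables the option; unset it to disable`);
    }
  }
  // Only build the asset-to-repo mapping when the configuration is consistent.
  const mapping = {};
  if (errors.length === 0) assets.forEach((a, i) => { mapping[a] = Number(repos[i]); });
  return { errors, warnings, enabled, mapping };
}

// Constructed sample values, not real tokens, asset names or repo IDs.
const sample = {
  UAS_TOKEN: 'placeholder-uas-token', GITLAB_TOKEN: 'placeholder-gitlab-token',
  UAS_ASSETS: 'Asset One, Asset Two', GITLAB_REPOS: '1111,2222',
  ACCESS_ALLOW_ORIGIN: '*', ALLOW_REFUNDED_USERS: 'false',
};
console.log(checkEnv(sample));
```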

## API

When you give a GitLab token to this microservice, it will:

+ Grant any registered GitLab user with a correct invoice number `guest` access to the repo.
+ Autogenerate a wiki page called `granted_invoices` to save prettified JSON data about the invoice numbers related to each granted GitLab user.

This microservice speaks `POST`. If you use `GET`, no operation will modify the target repo or the user's grant (useful for installation testing).

Required Request Parameters:

- `invoice`: Invoice number.
- `username`: GitLab registered username. If it is not set or empty and `ALLOW_EDIT_AND_DELETE` is set, the operation will delete the invoice number from the data and revoke the user's access.

## Client Example

HTML Only:

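```html
<!-- Plain form post; field names match the request parameters above -->
<form method="POST" action="https://uas-gitlab-auth-xxxxx.now.sh">
  Invoice: <input type="text" name="invoice">
  Username: <input type="text" name="username">
  <input type="submit">
</form>
```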

XHR:

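```js
const invoice = '0123', username = 'smith';
const xhr = new XMLHttpRequest();
xhr.onreadystatechange = function () {
  // readyState 4: the request has completed
  if (this.readyState === 4) {
    console.log(this.status);
    console.log(xhr.responseText);
  }
};

xhr.open('POST', 'https://uas-gitlab-auth-xxxxx.now.sh', true);
// Send the body as a form post and URL-encode both values
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
xhr.send(`invoice=${encodeURIComponent(invoice)}&username=${encodeURIComponent(username)}`);
```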

## Return

The microservice will respond with a human-readable message in the body and one of these codes:

- `200`: Access granted.
- `202`: Request valid without any modification in the repo (e.g. API performed via `GET` or user has already been granted access).
- `400`: Wrong or invalid request (e.g. malformed invoice pattern).
- `403`: Request rejected (e.g. invoice not found, repo didn't match, etc.).
- `500`: Internal error (e.g. token has expired or an issue with the microservice). Check the logs if a user encounters this error.

## License

[MIT](LICENSE).