Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/zett-8/express-prisma-auth0

Secure API with Express, Prisma and Auth0
https://github.com/zett-8/express-prisma-auth0

auth0 authentication express node prisma rest-api

Last synced: about 1 month ago
JSON representation

Secure API with Express, Prisma and Auth0

Host: GitHub
URL: https://github.com/zett-8/express-prisma-auth0
Owner: zett-8
Created: 2021-11-14T14:42:01.000Z (about 3 years ago)
Default Branch: master
Last Pushed: 2021-12-10T19:58:26.000Z (about 3 years ago)
Last Synced: 2024-12-24T08:08:27.906Z (about 1 month ago)
Topics: auth0, authentication, express, node, prisma, rest-api
Language: TypeScript
Homepage: https://express-prisma-auth0.herokuapp.com/
Size: 220 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # Express + Prisma + Auth0

## [💻 Demo](https://express-prisma-auth0.herokuapp.com/)

## Requirements

[Express](https://expressjs.com/)   

[Prisma](https://www.prisma.io/)  

[Auth0](https://auth0.com/)  

## Protect endpoints 

Tricky part is here

```js

import jwt from 'express-jwt'

import jwksRsa from 'jwks-rsa'

const auth0Config = {

  issuer: process.env.AUTH0_ISSUER,

  audience: process.env.AUTH0_AUDIENCE,

  algorithms: ['RS256'],

}

export const jwtCheck = jwt({

  secret: jwksRsa.expressJwtSecret({

    cache: true,

    rateLimit: true,

    jwksRequestsPerMinute: 15,

    jwksUri: `${auth0Config.issuer}.well-known/jwks.json`,

  }),

  ...auth0Config,

})

```

Then use it for endpoints where you want to protect.  

Only Authenticated users can implement the endpoint with Bearer Token.

```js

import { jwtCheck } from './jwtCheck'

app.get('/sample', jwtCheck, (req, res) => {

  res.sendStatus(200)

})

```

All required environment variables are the following,

```text

AUTH0_DOMAIN=*******.us.auth0.com

AUTH0_CLIENT_ID=*******

AUTH0_ISSUER=https://*******.us.auth0.com/

AUTH0_AUDIENCE=https://*******.us.auth0.com/api/v2/

```

You can find them on Auth0 dashboard,  

```text

DOMAIN: Auth0 dashboard -> Applications -> Settings -> Domain  

CLIENT_ID: Auth0 dashboard -> Applications -> Settings -> Client ID  

ISSUER: https:///  

AUDIENCE: Auth0 dashboard -> APIs -> API Audience  

```

*Do not forget to put trailing slash at the end of ISSUER and AUDIENCE.  

Don't know why but without trailing slash, it didn't work well in my case.



## Prisma commands

### Migrate in Dev environment

```shell

prisma migrate dev

```

### Create migrations

```shell

prisma migrate dev --create-only

```

### Apply all migration files to prod

```shell

prisma migrate deploy

```

### Seed DB

add to package.json

```json

{

  "prisma": {

    "seed": "ts-node ./prisma/seed.ts"

  }

}

```

```shell

prisma db seed

```

### Reset DB

*This command should be run only on localhost  

*Delete all data and populate DB with seed data

```shell

prisma migrate reset

```

### Generate prisma client

*need to run this command after editing schema

```shell

prisma generate

```