https://github.com/zeusdeux/jwt-example
Playing with user registration, login/logout, auth, etc using JWTs, serverless functions & faunadb as the data store.
faunadb jwt jwt-bearer-tokens lambda now serverless zeit
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/zeusdeux/jwt-example
- Owner: zeusdeux
- Created: 2019-08-19T22:49:33.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2023-03-01T19:04:59.000Z (almost 2 years ago)
- Last Synced: 2024-10-16T19:25:19.353Z (2 months ago)
- Topics: faunadb, jwt, jwt-bearer-tokens, lambda, now, serverless, zeit
- Language: TypeScript
- Homepage: https://jwt-example.zdx.cat
- Size: 1.27 MB
- Stars: 22
- Watchers: 3
- Forks: 4
- Open Issues: 8
Metadata Files:
- Readme: Readme.md
README
# jwt-example
This is an example codebase that implements user registration and supports authorization using
[JWTs](https://jwt.io) using serverless functions and the wonderful [FaunaDB](https://fauna.com).

## Motivation
I wrote this to teach myself how JWTs work and also implement user registration and login/logout,
etc flows serverlessly.

## Implemented functionality
- sign up as new user (or re-sign up as a deleted user which is transparent to the user)
- login and get JWT with 1 hour expiry (multiple logged in sessions supported)
- access protected route only with a valid token
- logout (kills _all_ logged in sessions and invalidates all tokens for the user)
- delete user
- In-situ encrypted JWT signing/validation key pair to overcome
[AWS Lambda having a hard limit of 4kb on env vars when JSON-stringified](https://github.com/zeusdeux/jwt-example/commit/4f09c2e56df2d95ac9df0082fad4bfc4e22fbddd#comments)

## TODOs
- todos in code
- switch to `argon2` from `bcrypt`
> Waiting on https://github.com/zeit/node-file-trace/pull/53 to switch to argon2

## Code structure
- `api/*` holds the lambdas that map to each supported route
- `models/*` holds the models for the entities in the system (User & Token) and some helpers
- `errors/*` holds the custom error tooling for the codebase
- `utils/*` holds code structure and type level utilities

### A note on `Maybe`, `Either` and `match` over traditional code structure
I wanted to play with a different way of approaching authoring the code in this repository. Instead
of messing with `try/catch`-es and lots of error handling madness, I have instead opted to push
those to the edges as you can see in [models/User.helpers.ts](./models/User.helpers.ts) and instead
wrap those values in `Maybe`s and/or `Either`s. These values are then accessed in a declarative
manner using `match`. Their usage, imho, has greatly simplified the code as you can see in the
`api/*.ts`. It's not everyone's ☕ and I get that.

More info can be found in files with the same names under the `utils/` directory.