padlocks v1.67.0

Disclaimer

This library is a work in progress! I built and tested Padlocks solely for applications that I am currently developing. Accordingly, the API may change at any time, bugs may exist, and you may not agree with all the security decisions I have made. Don’t say didn’t warn you!

Overview

Padlocks is an authentication library, built using Express.js, TypeORM, and PostgresSQL that is designed to work with Hasura.

Essentially, it exposes one function, createAuthServer, that creates an Express.js app. On that Express.js app, in turn, are routes, under the /auth url, that enable a user to:

• Login with Facebook or Google.

  • If the Facebook or Google ID of the user does not exist in the local database, a user profile will be created in the local database, and then in Hasura.
  • Any social login will culminate in an access token (JWT) and refresh token (opaque string) being sent to the client.

• Refresh that access token using the refresh token.

• Delete a user profile in the local database, then delete that profile in Hasura

To see what routes are exposed by this application, see the code here

Requirements

• You must have a Hasura account. Within that account, your “User” object should be called profiles and it should have, at minimum, two fields. An id field, which is the primary key and an auto-generated uuid, and the auth_id field, mapped to authId, which is a unique, non-nullable text field.

The auth_id is the foreign key that will:

• Exist on all other Hasura objects
• Be present on the access token (JWT) sent to Hasura
• Will look something like google-oauth2|1322323728328.

Instructions

1. Install the package by running yarn install padlocks.

2. Run yarn padlocks configure. Then, fill in the generated .env file. Without this step, the social login and the connection to Hasura will not work.

3. Create an index.js or index.ts file, using this one as a template. Read the comments in the file carefully!

4. Create an ormconfig.js file, using this one as a template. Read the comments in the file carefully!

5. If you want to test it locally, generate SSL certificates in the root of your server. I recommend installing the mkcert library and then running mkcert localhost.

6. Add these scripts to your package.json. You will need them to migrate and revert your database, as well as to push the application to production, and then run it. Read the TypeORM documentation for more details.

{ 
  "scripts": {
    "deploy": "yarn install && yarn build && yarn migrate",
    "makemigrations": "ts-node ./node_modules/typeorm/cli.js migration:generate --name",
    "migrate": "ts-node ./node_modules/typeorm/cli.js migration:run",
    "revert": "ts-node ./node_modules/typeorm/cli.js migration:revert",
    "start-production": "node build/index.js",
  }
}

7. Run the commands yarn makemigrations "CreateProfile" and then yarn migrate to configure the database.

8. At this point, it should work like a normal Express.js app. Use yarn start to run the application locally and yarn build to create the production build.