padlocks v1.67.0
Disclaimer
This library is a work in progress! I built and tested Padlocks solely for applications that I am currently developing. Accordingly, the API may change at any time, bugs may exist, and you may not agree with all the security decisions I have made. Don’t say didn’t warn you!
Overview
Padlocks is an authentication library, built using Express.js, TypeORM, and PostgresSQL that is designed to work with Hasura.
Essentially, it exposes one function, createAuthServer
, that creates an Express.js app. On that Express.js app, in turn, are routes, under the /auth
url, that enable a user to:
Login with Facebook or Google.
- If the Facebook or Google ID of the user does not exist in the local database, a user profile will be created in the local database, and then in Hasura.
- Any social login will culminate in an access token (JWT) and refresh token (opaque string) being sent to the client.
Refresh that access token using the refresh token.
Delete a user profile in the local database, then delete that profile in Hasura
To see what routes are exposed by this application, see the code here
Requirements
- You must have a Hasura account. Within that account, your “User” object should be called
profiles
and it should have, at minimum, two fields. Anid
field, which is the primary key and an auto-generateduuid
, and theauth_id
field, mapped toauthId
, which is a unique, non-nullable text field.
The auth_id
is the foreign key that will:
- Exist on all other Hasura objects
- Be present on the access token (JWT) sent to Hasura
- Will look something like
google-oauth2|1322323728328
.
Instructions
Install the package by running
yarn install padlocks
.Run
yarn padlocks configure
. Then, fill in the generated .env file. Without this step, the social login and the connection to Hasura will not work.Create an
index.js
orindex.ts
file, using this one as a template. Read the comments in the file carefully!Create an
ormconfig.js
file, using this one as a template. Read the comments in the file carefully!If you want to test it locally, generate SSL certificates in the root of your server. I recommend installing the mkcert library and then running
mkcert localhost
.Add these scripts to your
package.json
. You will need them to migrate and revert your database, as well as to push the application to production, and then run it. Read the TypeORM documentation for more details.
{
"scripts": {
"deploy": "yarn install && yarn build && yarn migrate",
"makemigrations": "ts-node ./node_modules/typeorm/cli.js migration:generate --name",
"migrate": "ts-node ./node_modules/typeorm/cli.js migration:run",
"revert": "ts-node ./node_modules/typeorm/cli.js migration:revert",
"start-production": "node build/index.js",
}
}
Run the commands
yarn makemigrations "CreateProfile"
and thenyarn migrate
to configure the database.At this point, it should work like a normal Express.js app. Use
yarn start
to run the application locally andyarn build
to create the production build.
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago