-
-
Notifications
You must be signed in to change notification settings - Fork 3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: move adapters to monorepo (#3805)
* feat: move adapters repo to new packages dir * fix: rm docusaurus build dir * fix: update .gitignore * fix: reorganise package directories * remove package lock files * fix: folder rename * remove package lock file * fix: jest config paths * update yarn.lock * ignore dynamodb local bin * fix: gitignore * fix: update adapter-test * change adapter-test package json * rename prisma adapter package name * fix paths * update gitignore * run tests with one concurrency * fix: merge conflicts * gitignore dist folders * fix: add jest.config.js to tsconfig ignore * fix: yarn.lock * fix: ignore pouch in turbo commands * ignore jest file * fix: test turbo test cmd * fix: turbo test cmd * test: disable mongodb-adapter temporarily * ignore all dev.db files * simplify gitignore * remove unused dependency * have tsconfig in its own package * remove unnecessary .gitignore files * move jest config to preset * add ts expect error comment * chore: update .gitignore * remove babelrc * don't depend on build for testing in turbo * fix: cleanup testing npm scripts * fix: remove jest-config roots * fix: add fauna jest preset * fix: rm dev.db from prisma mirgation * fix prisma * remove nohoist Co-authored-by: Balázs Orbán <info@balazsorban.com>
- Loading branch information
1 parent
cb30f49
commit dc3ad8c
Showing
165 changed files
with
14,427 additions
and
454 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
# Change Log | ||
|
||
All notable changes to this project will be documented in this file. | ||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines. | ||
|
||
## [1.0.2](https://github.com/nextauthjs/adapters/compare/@next-auth/dgraph-adapter@1.0.1...@next-auth/dgraph-adapter@1.0.2) (2021-12-06) | ||
|
||
**Note:** Version bump only for package @next-auth/dgraph-adapter |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,157 @@ | ||
<p align="center"> | ||
<br/> | ||
<a href="https://next-auth.js.org" target="_blank"><img height="64px" src="https://next-auth.js.org/img/logo/logo-sm.png" /></a> <img height="64px" src="https://cloud.dgraph.io/logo.svg" /> | ||
<h3 align="center"><b>Dgraph Adapter</b> - NextAuth.js</h3> | ||
<p align="center"> | ||
Open Source. Full Stack. Own Your Data. | ||
</p> | ||
<!-- <p align="center" style="align: center;"> | ||
<img src="https://github.com/nextauthjs/adapters/actions/workflows/release.yml/badge.svg" alt="CI Test" /> | ||
<img src="https://img.shields.io/bundlephobia/minzip/@next-auth/prisma-adapter" alt="Bundle Size"/> | ||
<img src="https://img.shields.io/npm/v/@next-auth/prisma-adapter" alt="@next-auth/prisma-adapter Version" /> | ||
</p> --> | ||
</p> | ||
|
||
## Overview | ||
|
||
This is the Dgraph Adapter for [`next-auth`](https://next-auth.js.org). This package can only be used in conjunction with the primary `next-auth` package. It is not a standalone package. | ||
|
||
You can find two Graphql schemas in the [`docs`](https://next-auth.js.org/adapters/dgraph/schema.gql). | ||
|
||
1. The unsecure don't implement any auth directive is perfect for a quick start. | ||
2. The second one is more secure and require you replace some value before copy pasting it into your Dgraph console ([`see Securing your database`](#securing-your-database)). | ||
|
||
## Getting Started | ||
|
||
1. Install `next-auth` and `@next-auth/dgraph-adapter` | ||
|
||
```js | ||
npm install next-auth @next-auth/dgraph-adapter | ||
``` | ||
|
||
2. Add this adapter to your `pages/api/[...nextauth].js` next-auth configuration object. | ||
|
||
```js | ||
import NextAuth from "next-auth" | ||
import { DgraphAdapter } from "@next-auth/dgraph-adapter"; | ||
|
||
// For more information on each option (and a full list of options) go to | ||
// https://next-auth.js.org/configuration/options | ||
export default NextAuth({ | ||
// https://next-auth.js.org/configuration/providers | ||
providers: [ | ||
..., | ||
], | ||
adapter: DgraphAdapter({ | ||
endpoint: process.env.DGRAPH_GRAPHQL_ENDPOINT, | ||
authToken: process.env.DGRAPH_GRAPHQL_KEY, | ||
|
||
// you can omit the following properties if you are running an unsecure schema | ||
authHeader: "<YOUR AUTH HEADER>", | ||
jwtSecret: process.env.SECRET | ||
}) | ||
... | ||
}) | ||
``` | ||
|
||
## Quick start with the unsecure schema | ||
|
||
The simplest way to use Dgraph is by copy pasting the unsecure schema into your dashboard. Then create an api client key and grab your endpoint to initialize your `DgraphClient`. Forget about `authHeader` and `jwtSecret`. | ||
|
||
## Securing your database | ||
|
||
Fore sake of security and mostly if your client directly communicate with the graphql server you obviously want to restrict the access to the types used by next-auth. That's why you see a lot of @auth directive alongide this types in the schema. | ||
|
||
### Dgraph.Authorization | ||
|
||
The first thing to do in order to secure your graphql backend is to define the `Dgraph.Authorization` object at the bottom of your schema and provide `authHeader` and `jwtSecret` values to the DgraphClient. | ||
|
||
```js | ||
# Dgraph.Authorization {"VerificationKey":"<YOUR JWT SECRET HERE>","Header":"<YOUR AUTH HEADER HERE>","Namespace":"<YOUR CUSTOM NAMESPACE HERE>","Algo":"HS256"} | ||
``` | ||
|
||
### VerificationKey and jwtSecret | ||
|
||
This is the key you use to sign the JWT. Probably your `process.env.SECRET`. | ||
|
||
### Header and authHeader | ||
|
||
The `Header` tells Dgraph where to lookup for a jwt with auth credentials. You have to configure it a te bottom of your schema. This header is the same as the `authHeader` property you provide when you instantiate the DgraphClient. | ||
|
||
## Working with JWT session and @auth directive | ||
|
||
Dgraph only works with HS256 or RS256 algorithms. If you want to use session jwt to securely interact with your dgraph database you have to customize next-auth encode and decode functions because the default algorithm is HS512. You can there going further and customize the jwt with roles if you want to implement [`RBAC logic`](https://dgraph.io/docs/graphql/authorization/directive/#role-based-access-control). | ||
|
||
```js | ||
import * as jwt from "jsonwebtoken"; | ||
|
||
export default NextAuth({ | ||
|
||
... | ||
|
||
session: { | ||
jwt: true | ||
}, | ||
jwt: { | ||
secret: process.env.SECRET, | ||
encode: async ({ secret, token }) => { | ||
return jwt.sign({ | ||
...token, | ||
userId: token.id, | ||
// role: "ADMIN" for RBAC | ||
}, | ||
secret, | ||
{ | ||
algorithm: "HS256", | ||
expiresIn: 30 * 24 * 60 * 60; // 30 days | ||
});; | ||
}, | ||
decode: async ({ secret, token }) => { | ||
return jwt.verify(token, secret, { algorithms: ["HS256"] }); | ||
} | ||
}, | ||
|
||
... | ||
|
||
}) | ||
``` | ||
|
||
Once your `Dgraph.Authorization` define in your schema and this JWT settings set, this will allow you to define [`@auth rules`](https://dgraph.io/docs/graphql/authorization/authorization-overview/) for every part of your schema. | ||
|
||
## @auth implementation | ||
|
||
```graphql | ||
|
||
type User | ||
@auth( | ||
... | ||
|
||
query: { or: [ | ||
{ | ||
rule: """ | ||
query ($userId: String!) { | ||
queryUser(filter: { id: { eq: $userId } } ) { | ||
id | ||
} | ||
} | ||
""" | ||
}, | ||
{ rule: "{$role { eq: "ADMIN" } }" } | ||
{ rule: "{$nextAuth { eq: true } }" }, | ||
]}, | ||
|
||
... | ||
) { | ||
id: ID | ||
... | ||
} | ||
|
||
``` | ||
|
||
## Contributing | ||
|
||
We're open to all community contributions! If you'd like to contribute in any way, please read our [Contributing Guide](https://github.com/nextauthjs/adapters/blob/main/CONTRIBUTING.md). | ||
|
||
## License | ||
|
||
ISC |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
{ | ||
"name": "@next-auth/dgraph-adapter", | ||
"version": "1.0.2", | ||
"description": "Dgraph adapter for next-auth.", | ||
"homepage": "https://next-auth.js.org", | ||
"repository": "https://github.com/nextauthjs/adapters", | ||
"bugs": { | ||
"url": "https://github.com/nextauthjs/adapters/issues" | ||
}, | ||
"author": "Arnaud Derbey <arnaud@derbey.dev>", | ||
"contributors": [], | ||
"main": "dist/index.js", | ||
"files": [ | ||
"dist", | ||
"index.d.ts" | ||
], | ||
"license": "ISC", | ||
"keywords": [ | ||
"next-auth", | ||
"next.js", | ||
"dgraph", | ||
"graphql" | ||
], | ||
"private": false, | ||
"publishConfig": { | ||
"access": "public" | ||
}, | ||
"scripts": { | ||
"build": "tsc", | ||
"test": "./tests/test.sh" | ||
}, | ||
"peerDependencies": { | ||
"jsonwebtoken": "^8.5.1", | ||
"next-auth": "^4.0.1" | ||
}, | ||
"devDependencies": { | ||
"@types/jest": "^26.0.24", | ||
"@types/jsonwebtoken": "^8.5.5", | ||
"@types/node-fetch": "^2.5.11", | ||
"jest": "^27.0.6", | ||
"ts-jest": "^27.0.3" | ||
}, | ||
"dependencies": { | ||
"jsonwebtoken": "^8.5.1", | ||
"node-fetch": "^2.6.1" | ||
}, | ||
"jest": { | ||
"preset": "adapter-test/jest" | ||
} | ||
} |
Oops, something went wrong.
dc3ad8c
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Successfully deployed to the following URLs: