Auth
Enabling Auth
- To enable auth in the application, a dedicated CSV file should be used
- It is recommended to keep only auth related info in this table
- This table must have:
  - username column of text type as its primary key
  - password column of text type with Hash enabled
- This table may also have optional fields to enable role/organization based authorization:
  - role field of text type with Enums set
  - any number of organizational fields - column names can be user-decided but they must be of text type
- Check out the sample login.csv here
- The authTable field in data/appConfig.json should be the name of the auth table from schema.json which satisfies the above mentioned constraints
- The orgFields array should contain the column names chosen as organizational fields in the authTable
Note
In the auth CSV table, the username, password and role fields must be named exactly as written here
Tip
The organizational fields can be used to identify organizations, sub-organizations, departments, sub-departments and so on
Register Route
- Send POST request to /__auth/register with the JSON request body
Sample Register Request Body
{
"username": "john_doe",
"password": "secret",
"role": "hod",
"college_id": "college_1",
"course_id": "course_1",
"branch_id": "branch_1"
}
Login Route
- Send POST request to /__auth/login with JSON request body
Sample Login Request Body
{
"username": "john_doe",
"password": "secret"
}
- A JWT cookie named access_token with an expiry date of 30 days is set to the response object, which is automatically sent along with the future requests
- The JWT token contains user info like username, role etc.
Sample JWT token info
{
"username": "john_doe",
"role": "hod",
"college_id": "college_1",
"course_id": "course_1",
"branch_id": "branch_1"
}
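The following is an added example, not code from this project: it shows that the user info in the access_token payload is readable without any key, and that trusting the role and organizational claims depends on checking the signature and expiry. The page does not state the signing algorithm, so HS256, the secret, the exp claim and all function names here are assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: HS256 signing key, not from the page
THIRTY_DAYS = 30 * 24 * 3600         # token lifetime stated on the page

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(signing_input, secret):
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def sign(claims, secret=SECRET):
    """Build a compact HS256 JWT: header.payload.signature."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    return f"{header}.{payload}.{b64url(_mac(header + '.' + payload, secret))}"

def read_claims_unverified(token):
    """Possible for anyone holding the cookie: the payload is encoded, not encrypted."""
    return json.loads(b64url_decode(token.split(".")[1]))

def verify(token, secret=SECRET, now=None):
    """Return claims only if algorithm, signature and expiry all check out."""
    header, payload, sig = token.split(".")  # ValueError if not three parts
    if json.loads(b64url_decode(header)).get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(_mac(header + "." + payload, secret), b64url_decode(sig)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(payload))
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("token expired")
    return claims

def with_role(token, role):
    """Constructed tamper case: edit the role claim, keep the original signature."""
    header, payload, sig = token.split(".")
    claims = dict(json.loads(b64url_decode(payload)), role=role)
    return f"{header}.{b64url(json.dumps(claims).encode())}.{sig}"

def sample_token(now):
    """Claims copied from the page's sample JWT info, plus a 30-day exp."""
    return sign({"username": "john_doe", "role": "hod", "college_id": "college_1",
                 "course_id": "course_1", "branch_id": "branch_1",
                 "exp": int(now) + THIRTY_DAYS})

if __name__ == "__main__":
    tok = sample_token(time.time())
    print(read_claims_unverified(tok)["role"], verify(tok)["username"])
```

Because the claims are only base64url-encoded, nothing sensitive belongs in them, and a role change made in the CSV table takes effect only once a new token is issued.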
Logout Route
- Send GET request to /__auth/logout
Refresh Token Route
- Send GET request to /__auth/refresh
- Can be used to verify the current access token in the cookie
- Sets an updated access token in the cookie