Skip to content
forked from flolu/auth

🔐 Refresh/Access Token Authentication Demo with Client Side Rendering, Server Side Rendering and Websockets

Notifications You must be signed in to change notification settings

simonemarinelli/auth

 
 

Repository files navigation

Fullstack Authentication

Access/Refresh Token Authentication Demo with Node.js And Typescript

Watch the YouTube Tutorial

Stack

Backend: Node.js, Typescript, MongoDB, Kubernetes

Frontend: Next.js, Typescript

DevOps: Docker, Terraform, Kubernetes, Google Cloud

Usage

Requirements: Docker, Docker Compose, Yarn, Node.js

Optional: Terraform, Google Cloud SDK

Setup

  • make setup
  • Create GitHub OAuth app here
    • Set "Homepage URL" to http://localhost:3000
    • Set "Authorization callback URL" to http://localhost:3000/github
    • Set GITHUB_CLIENT_ID in .env.development
    • Set NEXT_PUBLIC_GITHUB_CLIENT_ID in client/.env.development
    • "Generate a new client secret"
    • Set GITHUB_CLIENT_SECRET in .env.development

Development

  • make client (Start Next.js development server, http://localhost:3000)
  • make backend (Start development backend services)

Codebase

Services

  • client Next.js client (web application)
  • api Node.js server (http api)
  • realtime Node.js server (websocket server)
  • shared Typescript lib (shared code)
  • infrastructure Terraform (configurations to deploy application in the cloud)

Deployment

Commands

  • make init-infrastructure (Initialize Terraform)
  • make apply (Apply cloud resources, ~15 minutes)
  • make deploy (Build and deploy services to Kubernetes cluster)
  • make destroy (Destroy cloud resources)
  • make client-image (Build and push client Docker image)
  • make api-image (Build and push api Docker image)
  • make realtime-image (Build and push Docker image)

Step by step guide

  1. Configure variables in Makefile
    • GCP_PROJECT You can create a project here
    • TF_BUCKET Choose a unique bucket name for Terraform state
    • EMAIL Only used for generating SSL certificates
    • GKE_ZONE Choose a region or zone from this list for your Kubernetes cluster
    • DOMAIN
  2. Sign into your project gcloud auth application-default login
  3. Create the bucket for storing Terraform state (make create-terraform-bucket)
  4. Set terraform.backend.bucket in infrastructure/main.tf to TF_BUCKET
  5. Insert secrets into Google Cloud Secret Manager
    • GitHub OAuth (create here)
      • Set "Authorization callback URL" to https://api.${DOMAIN}/github
      • github_client_id
      • github_client_secret
    • Secrets (generate here)
      • refresh_token_secret
      • access_token_secret
    • MongoDB Atlas (create a free cluster here)
      • Navigate to Project Settings -> Access Manager -> API Keys -> Create API Key -> Select Project Owner
      • mongodbatlas_public_key
      • mongodbatlas_private_key
      • atlas_project_id (found under Settings)
  6. Add 0.0.0.0/0 to your MongoDB Atlas project "IP Access List" (Under Network Access)
  7. Enable Container Registry in your GCP console
  8. make init-infrastructure
  9. make deploy
  10. Go to Google Cloud DNS, main-zone, copy the NS record to your domain registrar
  11. Uncomment code block in infrastructure/modules/kubernetes-cert-manager/main.tf and run make apply
  12. The app should be live at https://${DOMAIN}
  • Every time you want to deploy changes, just run make deploy

About

🔐 Refresh/Access Token Authentication Demo with Client Side Rendering, Server Side Rendering and Websockets

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • TypeScript 50.0%
  • HCL 38.6%
  • Makefile 7.2%
  • Dockerfile 3.2%
  • JavaScript 1.0%