We are using Auth0 for the authentication of Boxtribute. As an introduction see the quickstart guides, e.g. for react
To mirror the development lifecycle of boxtribute there are four Auth0 tenants:
- boxtribute-dev This is the tenant for development. Every developer of Boxtribute has access to it. Just write Hans in slack if this is not the case.
- boxtribute-staging
- boxtribute-demo This is the tenant for the demo instance for interested ngos.
- boxtribute-production
We are only using email-password authentication and do not have any social logins enabled at the moment. We are using the Auth0 user store to administrate the user accounts. Every tenant has only one Database Connection since the Auth0 authentication does not allow multiple Database Connections for the same Application.
The development and staging include demo user accounts which match the accounts in the database seed of the dropapp and boxtribute repo. These demo users are imported and updated by hand at the moment.
Every Auth0 tenant has two applications set-up:
- a single page application called
boxtribute-reactfor the new mobile framework. - a regular web application called
dropapp-phpfor the old dropapp framework.
The domains for the Auth0 tenants are linked to the following domains:
- dev-login.boxtribute.org --> boxtribute-dev.eu.auth0.com
- staging-login.boxtribute.org --> boxtribute-staging.eu.auth0.com
- demo-login.boxtribute.org --> boxtribute-demo.eu.auth0.com
- login.boxtribute.org --> boxtribute-production.eu.auth0.com
The following data of each user are currently saved in the auth0 user db:
user_id(string)id-column incms_userstable. Auth0 prepends the connection to the string, e.g.auth0|1name(string)naam-column incms_userstable.email(string)email-column incms_userstable. Must be in email format.blocked(boolean)deleted-column incms_userstable.app_metadata['last_blocked_date'](date)deleted-column incms_userstable.app_metadata['organisation_id'](int)organisation_id-column incms_usergroupstable. OPTIONAL, not filled if user is a God Admin.app_metadata['base_ids'](list of int) aggregation ofcamp_id-columns incms_usergroup_campstable. OPTIONAL, not filled if user is a God Admin.app_metadata['usergroup_id'](int)cms_usergroups_id-column incms_userstable. OPTIONAL, not filled if user is a God Admin.app_metadata['valid_firstday'](int)valid_firstday-column incms_userstable. OPTIONAL, only filled if user has a time-limited access.app_metadata['valid_lastday'](int)valid_lastday-column incms_userstable. OPTIONAL, only filled if user has a time-limited access.
A user is a God Admin if they have the "Boxtribute God" role assigned. For these users, the is_admin-column in cms_users table equals 1.
If you want to re-seed the users in Auth0, start the dropapp-php server and call in any Browser the following script.
http://localhost:8100/reseed-auth0.php