User Identity And Management System API Server Template
- Join/Leave waiting list
- Login with identity provider (Google)
- Refresh token rotation
- Role Based Access Control
- Register with email and Password
- Login with email
- Verify email address
- Verify phone number
- Login with verified phone number SMS OTP
- Login with verified email OTP
- Reset password
- Logout from all devices
- Delete user account
- Update user profile
- User profile picture
- WebSocket via GraphQL Subscriptions
- Brute-Force login protection
- User Management
- Existing project
npx dotenv-vault login
npx dotenv-vault pull
- New project
cp .env.example .env
- Set your `AWS_REGION`, `AWS_ACCESS_KEY_ID`, and `AWS_SECRET_ACCESS_KEY` variables.
- Create an S3 bucket to store documents (images, files, etc.) and set your `AWS_S3_BUCKET` env variable.
- Follow AWS Serverless Image Handler instructions to create a CDN and set your `CLOUDFRONT_API_ENDPOINT` env variable.
- Create a DynamoDB table for in-app notifications and set your `AWS_DYNAMODB_DELTA_TABLE`.
- Set up SES for email (ensure you have this AWS IAM Policy) and add your `SENDER_EMAIL` to the env variables.
- Set up SNS for SMS.
- Create a Sentry project and add the `SENTRY_DSN` to your environment file
- Create a Firebase project if you don't have one.
- Navigate to APIs & Auth > Credentials in the Google Developers Console to get your `GOOGLE_CLIENT_ID` and `GOOGLE_CLIENT_SECRET` environment variables
- Generate an OAuth2 API v2 id token from Google OAuth 2.0 Playground to test.
yarn docker:build
yarn docker:start
yarn docker:stop
yarn test
yarn sh
yarn db:migrate
In development
yarn sh
yarn init:dev
In production
yarn init:app
Run codegen after modifying the GraphQL schema to generate TypeScript definitions
yarn codegen
We store information about uploaded files in the `File` table within the database. To ensure the deletion of S3 objects when an associated file row is removed, it is crucial to use the Prisma `delete` method. This is because our Prisma client is hooked to delete any associated file objects in S3.
Example:
// DON'T: a nested delete through a relation will not delete the picture in S3
// (the `user` model name is assumed here; `where` is left elided)
await prisma.user.update({
  where: {},
  data: {
    picture: {
      delete: true,
    },
  },
});
// DO: this will delete the file row and the corresponding object in S3
await prisma.file.delete({
  where: {
    key: "...",
    bucket: "...",
  },
});
We use the "wrapping exceptions" technique to handle client-generated errors. This gives us full control over the kinds of errors we return and lets us translate them easily before sending them to end users.
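A sketch of the wrapping technique described above, added here as an example and not taken from this template's code: recognised low-level errors are wrapped in a client-safe error with a translatable code, and anything unwrapped is masked. The names `ClientError`, `wrapError`, `guarded`, `toResponse` and both tables are hypothetical.

```typescript
// Added example. ClientError, wrapError, guarded, toResponse and the code
// tables are hypothetical names, not this template's own API.
type Locale = "en" | "fr";
type Code = "EMAIL_TAKEN" | "INTERNAL";

// Client-safe codes and their translations: the only text that leaves the server.
const MESSAGES: Record<Code, Record<Locale, string>> = {
  EMAIL_TAKEN: { en: "This email address is not available.", fr: "Adresse e-mail indisponible." },
  INTERNAL: { en: "Something went wrong.", fr: "Une erreur est survenue." },
};

// Low-level error codes we deliberately expose, mapped to client-safe codes.
// P2002 is Prisma's unique-constraint violation.
const KNOWN = new Map<string, Code>([["P2002", "EMAIL_TAKEN"]]);

class ClientError extends Error {
  readonly code: Code;
  readonly original: unknown; // wrapped cause, for server-side logs only

  constructor(code: Code, original?: unknown) {
    super(code);
    Object.setPrototypeOf(this, new.target.prototype);
    this.name = "ClientError";
    this.code = code;
    this.original = original;
  }
}

// Wrap a recognised low-level error; return anything else untouched.
function wrapError(err: unknown, known: Map<string, Code> = KNOWN): unknown {
  if (err instanceof ClientError) return err;
  const raw = typeof err === "object" && err !== null ? (err as { code?: unknown }).code : undefined;
  const mapped = typeof raw === "string" ? known.get(raw) : undefined;
  return mapped ? new ClientError(mapped, err) : err;
}

// Run a resolver body so that everything it throws passes through wrapError.
async function guarded<T>(op: () => Promise<T>): Promise<T> {
  try {
    return await op();
  } catch (err) {
    throw wrapError(err);
  }
}

// Build the response body: unwrapped errors are masked as INTERNAL.
function toResponse(err: unknown, locale: Locale): { code: Code; message: string } {
  const code: Code = err instanceof ClientError ? err.code : "INTERNAL";
  return { code, message: MESSAGES[code][locale] };
}
```

Only `code` and the translated `message` reach the client; the wrapped `original` error stays available for server-side logging.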
Begin by creating your project's env vault and authenticating against it.
npx dotenv-vault new
npx dotenv-vault login
Push the development `.env` file securely
npx dotenv-vault push
Open the production environment to edit the production variables
npx dotenv-vault open production
Build your project's encrypted `.env.vault` file
npx dotenv-vault build
Fetch your production decryption key (will be used in the next step)
npx dotenv-vault keys production
- Generate and copy an access token for your DockerHub account
- Add the access token to your repo actions secrets as `DOCKER_HUB_ACCESS_TOKEN`
- Add your DockerHub username to your repo actions secrets as `DOCKER_HUB_USERNAME`
- Add your dotenv-vault decryption key to your repo actions secrets as `DOTENV_KEY`
- Create a new PostgreSQL database
- Add the External Database URL to your repo actions secrets as `DATABASE_URL`
- Add the Internal Database URL to your vault's production environment as `DATABASE_URL`
- Create a new Redis Cache
- Add the Internal Redis URL to your vault's production environment as `REDIS_URL`
- Build your project's encrypted `.env.vault` file
npx dotenv-vault build
- Commit and push changes to trigger action
- Wait for CI build to finish successfully
- Create a new Web Service using the new image from DockerHub. (You may need to add your DockerHub access token to Render for private images)
- Click the Advanced button and add your `DOTENV_KEY` environment variable