auth-api/README.md

1.3 KiB

Databaes migration

Done using dbmate. Db stuff is stored in ./db.

Example of running the migrations:

docker run --rm -it -e DATABASE_URL="postgres://postgres:postgres@127.0.0.1:5432/pwrpln?sslmode=disable" --network=host -v "$(pwd)/db:/db" amacneil/dbmate up

Example of setting up a postgres SQL server:

docker run -d --name postgres --network=host -e POSTGRES_PASSWORD=postgres -e POSTGRES_PASSWORD=postgres -e POSTGRES_DB=pwrlpln postgres

Admin account

On first startup with a clean database, an account with name "admin" and the field "role" with a value "admin" is created with no password, using the API Key from ADMIN_API_KEY in the .env file.

Special account field: "role"

The account field "role" is a bit special, in that if it contains "admin" as one of its values, that grants access to all methods on all accounts on this service. It might be a good idea to use the field "role" for authorization throughout your services.

Some useful cURLs

Obtain an admin GWT: curl -d '"api-key-goes-here"' -H "Content-Type: application/json" -i http://localhost:4000/auth/api-key Use a bearer token to make a call: curl -H "Content-Type: application/json" -H "Authorization: bearer your-JWT-token-goes-here" -i http://localhost:4000/account/{accountID}