Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backend - Finish DB Design, Resolvers, and JWT Security #1

Closed
hkd987 opened this issue Jan 23, 2022 · 1 comment
Closed

Backend - Finish DB Design, Resolvers, and JWT Security #1

hkd987 opened this issue Jan 23, 2022 · 1 comment
Assignees
@hkd987
Labels
enhancement New feature or request
Milestone
BACKEND MVP

Comments

@hkd987
Copy link
Contributor

hkd987 commented Jan 23, 2022
edited

Currently there are a couple holes in the backend DB design, the goal of this issue will be to finish the backend DB design.

Currently we have...

  • Users who have a login, these are users for our application or the base application
  • Users who have many projects

Project is a reference table to the Postgres schema where the Users -> Users will live, They will use the same Users and Login table that already exists meaning that we will be dog fooding our own application.

What we need to figure out still is as follows.

  • Secure access by JWT or API key to the correct table, this could mean a few things, one could be that a JWT includes a projectId reference, this could mean that we also need an API key table that relates to a project where a project could have many keys, and keys could be public or private keys. where a private key allows full access on the project and a public key only allows login and registration on that project.
  • We need to figure out a way to boot strap the init project where an open source user will be able to call a query that starts the first project
  • When this first project is made we want to ensure that the init project feature is then no longer working, this could be a resolver
  • We need to write resolvers for each model with auth logic that allow the app to be secure
  • Each project needs its own JWT signing key that will be stored in the DB, this will not be shared with anyone but will be used by the API to verify tokens. By giving each project its own key we allow ourselves to ensure that the JWT are unique for each project
  • Any other issues that come out of this.
  • Track if a user account is a paid account using stripe integration
  • Stripe checkout pages will be used, will need db models around this, Payment table that belongs to a user a user will haveOne payment
  • Payment feature will be enabled by a ENV setting, and

Im not sure at this point if we can break this work down further or if its ready to go as is....This is a pretty high level overview and could need more discussion.

IF YOU PLAN TO CONTRIBUTE OR WORK ON THIS ISSUE, LETS CHAT FIRST TO SYNC UP.
@hkd987 hkd987 added this to the BACKEND MVP milestone Jan 23, 2022
@hkd987 hkd987 changed the title Backend - Finish DB Design Backend - Finish DB Design, Resolvers, and JWT Security Jan 23, 2022
This was referenced Jan 23, 2022
Closed
Closed
Open
Open
@hkd987 hkd987 added the enhancement New feature or request label Jan 23, 2022
@hkd987 hkd987 self-assigned this Jan 25, 2022
evanyang1 added a commit to evanyang1/core that referenced this issue Feb 1, 2022
@evanyang1
add isPaidAccount field to user model (see authsio#1)
e0c70c9
@hkd987
Copy link
Contributor Author

hkd987 commented Mar 22, 2022

This had been completed for v1 work, V2 will handle payments

@hkd987 hkd987 closed this as completed Mar 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hkd987 hkd987

Labels
enhancement New feature or request
Projects
authsio backend
Status: Done
Milestone
BACKEND MVP
Development

No branches or pull requests
1 participant
@hkd987