Morbid is an authentication and authorization server written using Scala and ZIO
As of today, Morbid uses Google Cloud Identity / Firebase to authenticate its users.
After the user is authenticated, the authorization info for a given user is loaded and serialized as a jwt token.
Here is an example:
{
"account": "a1",
"code": "UID1",
"email": "user1@0.com",
"tenant": "DEFAULT",
"applications": {
"main_app": {
"groups": [ "g1" ],
"roles": {
"adm": [ "create", "read", "update", "delete" ]
}
},
"other_app": {
"groups": [ "other" ],
"roles": {
"cred_adm": [ "create", "read", "update" ],
"policy_adm": [ "read"]
}
}
}
}
This jwt token can be used internally at your organization to check which resources a given user should have access to
You can find the dbml here
Clone the guara project into your machine, then publish it locally using
sbt publishLocal
- Create the
morbid
database using./reset-db.sh morbid
(Postgresql) - Create a secret key for jwt (TBD)
- Create a Google Cloud Project and configure the authentication providers (TBD)
- Run the Morbid Backend using sbt
TBD