Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using supertokens for auth with API gateway #1097

Open
pankiljoshi opened this issue Sep 18, 2024 · 3 comments
Open

Using supertokens for auth with API gateway #1097

pankiljoshi opened this issue Sep 18, 2024 · 3 comments
Assignees
@jayair
Labels
enhancement New feature or request

Comments

@pankiljoshi
Copy link

Hi,

I'm building an API server using sst/ion and I would like to use supertokens (https://supertokens.com/) for authentication, is there any documentation which I can refer to?
@jayair
Copy link
Contributor

jayair commented Sep 20, 2024

We don't currently have any docs on this.

@jayair jayair self-assigned this Sep 20, 2024
@jayair jayair added the enhancement New feature or request label Sep 20, 2024
@pankiljoshi
Copy link
Author

pankiljoshi commented Sep 21, 2024
edited
Loading

Current Update:

I was able to setup supertokens with a container service, the sst definition looks like this:

export const authService = cluster.addService("myService", {
    public: {
        ports: [{ listen: "443/https", forward: "3567/http" }],
        ...authDomain()
    },
    dev: {
        command: `docker run -p 3568:3567 -e POSTGRESQL_CONNECTION_URI="${process.env.DATABASE_URL}" -e POSTGRESQL_TABLE_NAMES_PREFIX="${process.env.SUPERTOKENS_POSTGRESQL_TABLE_NAMES_PREFIX}" -d registry.supertokens.io/supertokens/supertokens-postgresql`,
        url: "http://localhost:3567"
    },
    environment: {
        POSTGRESQL_CONNECTION_URI: process.env.DATABASE_URL,
        POSTGRESQL_TABLE_NAMES_PREFIX: process.env.SUPERTOKENS_POSTGRESQL_TABLE_NAMES_PREFIX
    },
    image: {
        dockerfile: "Dockerfile.auth",
        cpu: "1 vCPU",
        memory: "2 GB"
    }
});

And I did setup a greedy route for supertokens auth URL:

api.route("POST /auth/{proxy+}", {
    handler: "packages/functions/src/api/auth.handler",
});

The next step is to setup an authorizer to verify sessions, I'm trying to add a lambda authorizer for it like this:

const supertokensAuthorizer = api.addAuthorizer({
    name: "supertokensAuthorizer",
    lambda: {
      function: "packages/functions/src/api/auth.authorizer",
    }
  });

and this for protecting a route with the same authorizer:

api.route("POST /users", {
    handler: "packages/functions/src/api/createUser.handler",
    auth: {
        lambda: supertokensAuthorizer.id
    }
});

When I call the POST method /users, it's bypassing the auth and not triggering the supertokensAuthorizer handler (packages/functions/src/api/auth.handler"), I'm definitely doing something wrong here with the authorizer, any guidance would be appreciated.

I might write a tutorial once I figure it all out.

@thdxr Linear
Copy link
Contributor

thdxr commented Sep 23, 2024

wow this is great

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jayair jayair

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jayair @thdxr @pankiljoshi