Merge pull request #703 from vselvarajijay/hexagonal

wip - adding backend auth api for supertokens

environments/dev/docker-compose.yml

@@ -1,14 +1,15 @@
 version: '3'
 
-services:  
+services:
+  # PostgreSQL database for Supertokens
   db-supertokens:
-    image: 'postgres:latest'
+    image: postgres:latest
     environment:
-      POSTGRES_USER: supertokens_user 
-      POSTGRES_PASSWORD: somePassword 
+      POSTGRES_USER: supertokens_user
+      POSTGRES_PASSWORD: somePassword
       POSTGRES_DB: db-supertokens
     ports:
-      - 5432:5432
+      - "5432:5432"
     networks:
       - app_network
     restart: unless-stopped
@@ -18,25 +19,33 @@ services:
       timeout: 5s
       retries: 5
 
+  # Supertokens server
   supertokens:
     image: registry.supertokens.io/supertokens/supertokens-postgresql:9.2.2
     depends_on:
       db-supertokens:
         condition: service_healthy
     ports:
-      - 3567:3567
+      - "3567:3567"
     environment:
       POSTGRESQL_CONNECTION_URI: "postgresql://supertokens_user:somePassword@db-supertokens:5432/db-supertokens"
     networks:
       - app_network
     restart: unless-stopped
     healthcheck:
       test: >
-        bash -c 'exec 3<>/dev/tcp/127.0.0.1/3567 && echo -e "GET /hello HTTP/1.1\r\nhost: 127.0.0.1:3567\r\nConnection: close\r\n\r\n" >&3 && cat <&3 | grep "Hello"'
+        bash -c 'exec 3<>/dev/ttcp/127.0.0.1/3567 && echo -e "GET /hello HTTP/1.1\r\nhost: 127.0.0.1:3567\r\nConnection: close\r\n\r\n" >&3 && cat <&3 | grep "Hello"'
       interval: 10s
       timeout: 5s
-      retries: 5
-
+      retries: 5  
+  auth-api:
+    build:
+      context: ../../microservices/auth
+      dockerfile: Dockerfile
+    container_name: auth
+    ports:
+      - "3001:3001"
+    restart: always
 networks:
   app_network:
-    driver: bridge
+    driver: bridge

microservices/auth/Dockerfile

@@ -0,0 +1,29 @@
+# Use an official Python runtime as a parent image
+FROM python:3.12-slim
+
+# Install curl and any required system dependencies
+RUN apt-get update && apt-get install -y curl
+
+# Install Poetry
+RUN curl -sSL https://install.python-poetry.org | python3 -
+
+# Ensure Poetry is available in the PATH
+ENV PATH="/root/.local/bin:$PATH"
+
+# Set the working directory in the container
+WORKDIR /app
+
+# Copy the pyproject.toml and poetry.lock files to install dependencies first
+COPY pyproject.toml poetry.lock ./
+
+# Install project dependencies using Poetry
+RUN poetry install --no-root --no-dev
+
+# Copy the rest of the application code into the container
+COPY . .
+
+# Expose port 80 for the FastAPI app
+EXPOSE 3001
+
+# Run the FastAPI app using Uvicorn
+CMD ["poetry", "run", "uvicorn", "app:app", "--host", "0.0.0.0", "--port", "3001"]

microservices/auth/app.py

@@ -0,0 +1,55 @@
+import uvicorn
+
+from fastapi import FastAPI, Depends
+from starlette.middleware.cors import CORSMiddleware
+
+from supertokens_python import init, get_all_cors_headers
+from supertokens_python.framework.fastapi import get_middleware
+from supertokens_python.recipe.session import SessionContainer
+from supertokens_python.recipe.session.framework.fastapi import verify_session
+from supertokens_python.recipe.multitenancy.asyncio import list_all_tenants
+
+import config
+
+init(
+    supertokens_config=config.supertokens_config,
+    app_info=config.app_info,
+    framework=config.framework,
+    recipe_list=config.recipe_list,
+    mode="asgi",
+)
+
+
+app = FastAPI(title="SuperTokens example")
+app.add_middleware(get_middleware())
+
+@app.get("/sessioninfo")    
+async def secure_api(s: SessionContainer = Depends(verify_session())):
+    return {
+        "sessionHandle": s.get_handle(),
+        "userId": s.get_user_id(),
+        "accessTokenPayload": s.get_access_token_payload(),
+    }
+
+@app.get("/tenants")
+async def get_tenants():
+    tenantReponse = await list_all_tenants()
+
+    tenantsList = []
+
+    for tenant in tenantReponse.tenants:
+        tenantsList.append(tenant.to_json())
+
+    return {
+        "status": "OK",
+        "tenants": tenantsList,
+    }
+
+
+app = CORSMiddleware(
+    app=app,
+    allow_origins=[config.app_info.website_domain],
+    allow_credentials=True,
+    allow_methods=["GET", "PUT", "POST", "DELETE", "OPTIONS", "PATCH"],
+    allow_headers=["Content-Type"] + get_all_cors_headers(),
+)

microservices/auth/config.py

@@ -0,0 +1,84 @@
+from supertokens_python import init, InputAppInfo, SupertokensConfig
+from supertokens_python.recipe import emailpassword, thirdparty, passwordless, session, dashboard
+from supertokens_python.recipe.passwordless import ContactEmailOrPhoneConfig
+from supertokens_python.recipe.thirdparty.provider import ProviderInput, ProviderConfig, ProviderClientConfig
+from supertokens_python import (
+    InputAppInfo,
+    SupertokensConfig,
+)
+
+# this is the location of the SuperTokens core.
+supertokens_config = SupertokensConfig(
+    connection_uri="https://try.supertokens.com")
+
+app_info = InputAppInfo(
+    app_name="Supertokens",
+    api_domain="http://localhost:3001",
+    website_domain="http://localhost:3000",
+)
+
+framework = "fastapi"
+
+# recipeList contains all the modules that you want to
+# use from SuperTokens. See the full list here: https://supertokens.com/docs/guides
+recipe_list = [
+    session.init(),
+    emailpassword.init(),
+    passwordless.init(
+        flow_type="USER_INPUT_CODE_AND_MAGIC_LINK",
+        contact_config=ContactEmailOrPhoneConfig(),
+    ),
+    thirdparty.init(
+        sign_in_and_up_feature=thirdparty.SignInAndUpFeature(providers=[
+            ProviderInput(
+                config=ProviderConfig(
+                    third_party_id="google",
+                    clients=[
+                        ProviderClientConfig(
+                            client_id='1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com',
+                            client_secret='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'
+                        ),
+                    ],
+                ),
+            ),
+            ProviderInput(
+                config=ProviderConfig(
+                    third_party_id="github",
+                    clients=[
+                        ProviderClientConfig(
+                            client_id='467101b197249757c71f',
+                            client_secret='e97051221f4b6426e8fe8d51486396703012f5bd'
+                        ),
+                    ],
+                ),
+            ),
+            ProviderInput(
+                config=ProviderConfig(
+                    third_party_id="apple",
+                    clients=[
+                        ProviderClientConfig(
+                            client_id="4398792-io.supertokens.example.service",
+                            additional_config={
+                                "keyId": "7M48Y4RYDL",
+                                "privateKey": "-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgu8gXs+XYkqXD6Ala9Sf/iJXzhbwcoG5dMh1OonpdJUmgCgYIKoZIzj0DAQehRANCAASfrvlFbFCYqn3I2zeknYXLwtH30JuOKestDbSfZYxZNMqhF/OzdZFTV0zc5u5s3eN+oCWbnvl0hM+9IW0UlkdA\n-----END PRIVATE KEY-----",
+                                "teamId": "YWQCXGJRJL",
+                            },
+                        ),
+                    ],
+                ),
+            ),
+            ProviderInput(
+                config=ProviderConfig(
+                    third_party_id="twitter",
+                    clients=[
+                        ProviderClientConfig(
+                            client_id='4398792-WXpqVXRiazdRMGNJdEZIa3RVQXc6MTpjaQ',
+                            client_secret='BivMbtwmcygbRLNQ0zk45yxvW246tnYnTFFq-LH39NwZMxFpdC'
+                        ),
+                    ],
+                ),
+            ),
+        ])
+    ),
+    dashboard.init()
+]