Development

Christopher McKiernan edited this page Aug 28, 2020 · 10 revisions

How to

How to authenticate locally

After starting the application in the 'local' environment, open the website at localhost:8080. You should be redirected immediately to a bare-bones login page. If you are not redirected, you may still be logged in from a previous session (an active token is saved). To force the login page, you can go manually to or click on the profile icon and select log out. Either way you will end up on the screen shown below.

You can type any email into the email textbox; it can be an existing one or made up on the spot. If it exists, the local OAuth detail mapper will use that entity as your authenticated user. Otherwise it will create a new user with this email and use that entity as your authenticated user.

For Role Override you have 5 options:

  • SUPER - Gives you all 3 roles [ADMIN, PDL, MEMBER]
  • ADMIN - Gives you the admin role [ADMIN]
  • PDL - Gives you the PDL role [PDL]
  • MEMBER - Gives you the Member role [MEMBER]
  • Leave it blank - You have no new role access given to you, but you are still authenticated. If this user already had role access, you will be granted those roles.

When you fill in the role override, the mapper does a lookup against the list above and grants you each role that matches your entry. For example, if you write SUPER in the role override textbox, the user tied to the email you entered is granted all three roles. These roles are persisted in the database. The reverse is also true: if you pick a different role, roles that user already had may be taken away. For example, if you log in with the same user as above but enter a role override of PDL instead of SUPER, the user loses the ADMIN and MEMBER roles but keeps the PDL role.

Once you hit submit, the database logic described above is carried out and your request goes through a fake OAuthController that mimics an OAuth issuer and returns a JWT to the client. The token can be used for 1 hour, after which you are forced to log in again for a new token.
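The role override rules above, modelled as an added example (not the project's own mapper code). The class name, the in-memory store, the claim names and the rejection of unlisted override values are assumptions made for illustration.

```python
import time

# Role Override lookup, as listed on this page.
ROLE_OVERRIDES = {
    "SUPER": {"ADMIN", "PDL", "MEMBER"},
    "ADMIN": {"ADMIN"},
    "PDL": {"PDL"},
    "MEMBER": {"MEMBER"},
}
TOKEN_LIFETIME_SECONDS = 3600  # the page states the JWT is usable for 1 hour


class LocalUserStore:
    """In-memory stand-in for the database (hypothetical, for illustration)."""

    def __init__(self):
        self.roles_by_email = {}

    def login(self, email, role_override="", now=None):
        """Model one submit of the local login form; returns the token claims."""
        now = int(time.time()) if now is None else now
        # Existing email: reuse that user. Unknown email: create it with no roles.
        current = self.roles_by_email.setdefault(email, set())
        if role_override:
            if role_override not in ROLE_OVERRIDES:
                # Assumption of this example: reject values outside the list.
                raise ValueError(f"unknown role override: {role_override!r}")
            # A non-blank override replaces the persisted roles, so roles
            # granted by an earlier login can be taken away here.
            current = set(ROLE_OVERRIDES[role_override])
            self.roles_by_email[email] = current
        # Blank override: the persisted roles are left untouched.
        return {  # claim names are assumptions, not the project's token format
            "sub": email,
            "roles": sorted(current),
            "iat": now,
            "exp": now + TOKEN_LIFETIME_SECONDS,
        }
```

Logging in as the same email with SUPER, then PDL, then a blank override yields all three roles, then only PDL, then PDL again, because the blank login leaves the persisted roles alone.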

Swagger

Go to the swagger endpoint. Click the top-level authorize button. For the username, type the designated email of the user you want to impersonate or create. The password should be one of the role overrides listed above. You should then be able to execute all the endpoints available to the role you chose to log in with.

Frontend Development Testing

  1. Run the backend with MICRONAUT_ENVIRONMENTS=local
  2. In a console in the web-ui directory run npm start
  3. Go to localhost:8080 in your browser.
  4. Follow the steps above under How to authenticate locally to authenticate.
  5. Go to localhost:3000 in your browser.