Skip to content

Auth docs #51

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Oct 16, 2024
Merged

Auth docs #51

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
bd1cda4
add auth docs
jairad26 Oct 16, 2024
de6f1b2
.:
jairad26 Oct 16, 2024
75a8129
.
jairad26 Oct 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
70 changes: 70 additions & 0 deletions modus/authentication.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,73 @@
title: Authentication
description: ""
---

Modus supports authentication via the `Authorization` header in HTTP requests. You can use the
`Authorization` header to pass a bearer JSON Web Token (JWT) to your Modus app. The token
authenticates the user and authorize access to resources.

## Setting verification keys

To verify the token, you must pass the public keys via environment variables to modus, using the
`MODUS_PEMS` environment variable. The value of the `MODUS_PEMS` environment variable should be a
JSON object with the public keys as key-value pairs. This way, Modus can deserialize this into a map
of public keys, and use them to verify the token.

This is an example of how to set the `MODUS_PEMS` environment variable:

```bash
export MODUS_PEMS='{\"key1\":\"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ9z1z1z1z1z1z\\n-----END PUBLIC KEY-----\"}'
```

## Verifying tokens

To verify the token, Modus uses the public keys passed via the `MODUS_PEMS` environment variable. If
the token is verifiable with any of the verification keys provided, Modus decodes the JWT token and
pass the decoded claims as an environment variable, allowing access through host functions.

## Accessing claims

To access the decoded claims, you can use the `getJWTClaims()` function, available in both Golang
and AssemblyScript. The function allows the user to pass in a class to deserialize the claims into,
and returns an instance of the class with the claims.

This is an example of how to use the `getJWTClaims()` function in AssemblyScript:

```ts AssemblyScript
import { auth } from "@hypermode/modus-sdk-as"

@json
export class ExampleClaims {
public sub!: string
public exp!: i64
public iat!: i64
}

export function getClaims(): ExampleClaims {
return auth.getJWTClaims<ExampleClaims>()
}
```

This is an example of how to use the `getJWTClaims()` function in Golang:

```go
package main

import (
"github.com/hypermodeinc/modus/sdk/go/pkg/auth"
)

type ExampleClaims struct {
Sub string `json:"sub"`
Exp int64 `json:"exp"`
Iat int64 `json:"iat"`
}

func GetClaims() (*ExampleClaims, error) {
return auth.GetJWTClaims[*ExampleClaims]()
}

```

This allows users to access the claims in the token and use them to authenticate and authorize users
in their Modus app.
3 changes: 2 additions & 1 deletion styles/config/vocabularies/general/accept.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,4 +53,5 @@ triaging
upsert
URL|url
urql
UUID
UUID
[Dd]eserialize