A Node.js, TypeScript & postgres SQL starter built upon Adonis JS framework, with ready-to-use users management system, to focus on building your new ideas.
🔋 Batteries included:
- Sign up form
- Sign in form
- Logout
- List / create / delete users in admin page
- Forgot password
- Email verification
- Roles and permissions with AdonisJS bouncers
Requirements:
⚠️ latest release of Node.js 14, along with npm >= 6.0.0.- a Postgres database.
# check your node version
node -v
# check your npm version
npm -v
# clone the repo
git clone git@github.com:yann-yinn/mvp-starter.git
# install dependencies
npm install
# DO NOT FORGET: create the .env file and set required env vars.
cp env.example .env
# create postgres tables
node run migration-up
# launch dev server !
npm run dev
Fork dev branch and make a PR againts the dev branch.
You can add new roles inside config/roles.ts
file. By default, there is only an "admin" and "member" roles.
import { Role } from "App/types";
const roles: Role[] = [
{
id: "member",
label: "Member",
},
{
id: "admin",
label: "Administrator",
},
];
export default roles;
MVP starter is using "bouncers" from Adonis JS framework to define authorizations.
See start/bouncer.ts
File for predefined authorizations or to add new authorizations.
Example bouncer: "Admin role can edit any post. Member can only edit their own posts":
.define("editPost", (user: User, post: Post) => {
if (userHasRoles(["admin"], user)) {
return true;
}
if (userHasRoles(["member"], user) && user.id === post.userId) {
return true;
}
return false;
})
Then, in your controller, use the defined bouncer like so (don't forget the await keyword!)
public async edit({ view, request, bouncer }: HttpContextContract) {
const entity = await this.entityModel.findOrFail(request.param("id"));
await bouncer.authorize("adminEditPost", entity);
// etc
}
You can control authorizations in the templates too:
@can('adminEditPost', entity)
<a href="{{entity._editLink}}">Edit</a> </td>
@end
See adonis docs on "bouncers" for more details: https://docs.adonisjs.com/guides/authorization
Fix SSL issue in development with postgres hosted with Heroku: configure rejectUnauthorized
in your config/database.ts
config file.
// config/database.ts
connections: {
pg: {
client: "pg",
connection: {
ssl: {
rejectUnauthorized: Env.get("NODE_ENV") === "production" ? true : false,
},
// ...