/mvp-starter

A Node.js, TypeScript & postgres SQL starter built upon AdonisJS 5 framework, with ready-to-use users management system, to focus on building your new ideas.

Primary LanguageJavaScript

MVP starter

A Node.js, TypeScript & postgres SQL starter built upon Adonis JS framework, with ready-to-use users management system, to focus on building your new ideas.

🔋 Batteries included:

  • Sign up form
  • Sign in form
  • Logout
  • List / create / delete users in admin page
  • Forgot password
  • Email verification
  • Roles and permissions with AdonisJS bouncers

Installation

Requirements:

  • ⚠️ latest release of Node.js 14, along with npm >= 6.0.0.
  • a Postgres database.
# check your node version
node -v
# check your npm version
npm -v

# clone the repo
git clone git@github.com:yann-yinn/mvp-starter.git

# install dependencies
npm install

# DO NOT FORGET: create the .env file and set required env vars.
cp env.example .env

# create postgres tables
node run migration-up

# launch dev server !
npm run dev

Contribute

Fork dev branch and make a PR againts the dev branch.

Roles and Permissions

Adding new role

You can add new roles inside config/roles.ts file. By default, there is only an "admin" and "member" roles.

import { Role } from "App/types";

const roles: Role[] = [
  {
    id: "member",
    label: "Member",
  },
  {
    id: "admin",
    label: "Administrator",
  },
];
export default roles;

definining authorizations

MVP starter is using "bouncers" from Adonis JS framework to define authorizations.

See start/bouncer.ts File for predefined authorizations or to add new authorizations.

Example bouncer: "Admin role can edit any post. Member can only edit their own posts":

.define("editPost", (user: User, post: Post) => {
  if (userHasRoles(["admin"], user)) {
    return true;
  }
  if (userHasRoles(["member"], user) && user.id === post.userId) {
    return true;
  }
  return false;
})

Then, in your controller, use the defined bouncer like so (don't forget the await keyword!)

public async edit({ view, request, bouncer }: HttpContextContract) {
  const entity = await this.entityModel.findOrFail(request.param("id"));
  await bouncer.authorize("adminEditPost", entity);
  // etc
}

You can control authorizations in the templates too:

@can('adminEditPost', entity)
  <a href="{{entity._editLink}}">Edit</a> </td>
@end

See adonis docs on "bouncers" for more details: https://docs.adonisjs.com/guides/authorization

FAQ

POSTGRES SSL AND HEROKU

Fix SSL issue in development with postgres hosted with Heroku: configure rejectUnauthorized in your config/database.ts config file.

// config/database.ts
connections: {
  pg: {
    client: "pg",
    connection: {
      ssl: {
        rejectUnauthorized: Env.get("NODE_ENV") === "production" ? true : false,
      },
      // ...