Fastify plugin with Prisma to make simple & secure authentification middleware. Old Owner: @flexper
pnpm install fastify-auth-prisma unify-fastify prisma @prisma/client
Initialize Prisma and create a similar schema.prisma
model Token {
id String @id @unique @default(uuid())
refreshToken String
accessToken String
owner User @relation(fields: [ownerId], references: [id])
ownerId String
createdAt DateTime @default(now())
}
model User {
id String @id @unique @default(uuid())
tokens Token[]
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
}
Add your plugin in your fastify server
import fastify from 'fastify';
import { PrismaClient, User } from '@prisma/client';
import unifyFastifyPlugin from 'unify-fastify';
import {fastifyAuthPrismaPlugin} from 'fastify-auth-prisma';
const prisma = new PrismaClient();
const server = fastify();
declare module 'fastify' {
interface FastifyRequest {
connectedUser?: User;
}
}
await server.register(unifyFastifyPlugin);
await server.register(fastifyAuthPrismaPlugin, {
config: [{url: "/public/*", method: 'GET'}],
prisma,
secret: process.env.JWT_ACCESS_SECRET, // Recommanded to use an external variable but you can use any generated string
});Options
| Field Name | Type | Description |
|---|---|---|
| config | {url: string, method: HttpMethods}[] | Specify which urls are allowed without valid token |
| cookieIsSigned | boolean [OPTIONAL] | If cookies is used, precise if value is signed |
| secret | string | Secret use for accessToken generation |
| prisma | Prisma Client | |
| userValidation | (user: Prisma[User]) => Promise [OPTIONAL] | Function to run to add userValidation on request (ex: isBanned / isEmailValidated) |
Return
| Field Name | Type | Description |
|---|---|---|
| connectedUser | Prisma["User"] | Connected user |
| isConnected | boolean | Return if a user is connected |
Options
| Field Name | Type | Description |
|---|---|---|
| prisma | Prisma Client | |
| userId | string | |
| secret | string | Secret use for accessToken generation |
| refreshSecret | string? | Secret use for refreshToken generation |
| accessTokenTime | string | Time validity for accessToken Help for time format |
| refreshTokenTime | string | Time validity for refreshToken Help for time format |
Return
| Field Name | Type | Description |
|---|---|---|
| accessToken | string | |
| refreshToken | string |
Options
| Field Name | Type | Description |
|---|---|---|
| prisma | Prisma Client | |
| accessToken | string |
Return void
Options
| Field Name | Type | Description |
|---|---|---|
| prisma | Prisma Client | |
| userId | string |
Return void
Options
| Field Name | Type | Description |
|---|---|---|
| prisma | Prisma Client | |
| refreshToken | string | Refresh token generated |
| secret | string | Secret use for accessToken generation |
| refreshSecret | string | Secret use for refreshToken generation |
| accessTokenTime | string | Time validity for accessToken Help for time format |
Return
| Field Name | Type | Description |
|---|---|---|
| accessToken | string | |
| refreshToken | string |
Options
| Field Name | Type | Description |
|---|---|---|
| req | Fastify request |
Return string
To configure your public routes, you need to specify your url and your method. You can use some alias too :
- Standard example :
{url: '/test/toto', method: 'GET'} - Match url who start with test :
{url: '/test/*', method: 'GET'} - Match all methods for this url :
{url: '/test/toto', method: '*'} - Match url who contain dynamic variable in it :
{url: '/test/:var1/test', method: 'GET'}
You can combine all this options of course ! {url: '/test/:testvar/toto/*', method: '*'}
To test this package, you need to run a PostgresSQL server :
docker-compose up -d
chmod -R 777 docker
pnpm prisma migrate deploy
pnpm testThis package use TSdx. Please check documentation to update this package.