- Notifications
You must be signed in to change notification settings - Fork0
📱 A tiny passwordless SMS authentication service using Flask, JWT, Serverless, DynamoDB, Ariadne GraphQL
License
jottenlips/tinyauth
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
tinyauth is a very tiny passwordless GraphQL authentication service. tinyauth keeps authentication simple with 3 easy steps.
(This is a toy, don't use for production)
- sends code to user's phone
mutation {sendVerification(phone:"+15559993478",message:"Howdy! your code is") {status # 200message # verification sentsuccess # true }}
- verify phone with code user received as sms
mutation {verifyUser(verification: {phone:"+15559993478",code:"555555" }) {statusmessagesuccessauth # auth jwt to include in future headers }}
place jwt in headers {"auth": "auth-jwt-from-last-step"}
run the
getMequery
{getMe {idphone }}Set up your .aws credentials, make a DynamoDB table named tinyauth-dev
Install node (to run serverless-offline). I use nvm to manage my node versions.
Go to your tinyauth-api folder:
touch .env
Add TABLE_NAME and API_SECRET environment variables.
TABLE_NAME=my-app-devAPI_SECRET=somethingsecret
npm install
virtualenv -p python3 venv
source venv/bin/activate
pip install -r requirements.txt
sls deploy - will automatically make your dynamodb table on aws.
sls wsgi serve -p 8000 oryarn run start
Run queries in Graphi athttp://localhost:8000/graphql
TABLE_NAME=tinyauth-test API_SECRET=somethingsecret python -m pytest oryarn run test
Update your table name / secret in .env and run
sls deployimportrequestsvariables= {'phone':'+155555555555'}mutation="""mutation SendVerification($phone: String!) { sendVerification(phone: $phone) { status message success }}"""# or localhost:8000 for devrequests.post('https://tinyauth.io/graphql',json={'query':mutation,'variables':variables})
importrequestsvariables= {'phone':'+155555555555','code':'555555'}mutation="""mutation VerifyUser($phone: String!, $code: String!) { verifyUser(verification: { phone: $phone, code: $code }) { status message success auth # auth jwt to include in future headers }}"""# or localhost:8000 for devrequests.post('https://tinyauth.io/graphql',json={'query':mutation,'variables':variables})
importrequestsheaders= {"auth":your-tinyauth-jwt}query="""{ getMe { id phone }}"""# or localhost:8000 for devrequests.post('https://tinyauth.io/graphql',json={'query':query},headers=headers)
