forked from keystonejs/keystone
-
Notifications
You must be signed in to change notification settings - Fork 0
/
keystone.ts
66 lines (62 loc) · 1.68 KB
/
keystone.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
import { config } from '@keystone-6/core';
import { statelessSessions } from '@keystone-6/core/session';
import { createAuth } from '@keystone-6/auth';
import { lists } from './schema';
import { isSignedIn } from './access';
const sessionSecret = '-- DEV COOKIE SECRET; CHANGE ME --';
const sessionMaxAge = 60 * 60 * 24 * 30; // 30 days
const sessionConfig = {
maxAge: sessionMaxAge,
secret: sessionSecret,
};
const { withAuth } = createAuth({
listKey: 'Person',
identityField: 'email',
secretField: 'password',
initFirstItem: {
fields: ['name', 'email', 'password'],
itemData: {
/*
This creates a related role with full permissions, so that when the first user signs in
they have complete access to the system (without this, you couldn't do anything)
*/
role: {
create: {
name: 'Admin Role',
canCreateTodos: true,
canManageAllTodos: true,
canSeeOtherPeople: true,
canEditOtherPeople: true,
canManagePeople: true,
canManageRoles: true,
},
},
},
},
/* This loads the related role for the current user, including all permissions */
sessionData: `
name role {
id
name
canCreateTodos
canManageAllTodos
canSeeOtherPeople
canEditOtherPeople
canManagePeople
canManageRoles
}`,
});
export default withAuth(
config({
db: {
provider: 'sqlite',
url: process.env.DATABASE_URL || 'file:./keystone-example.db',
},
lists,
ui: {
/* Everyone who is signed in can access the Admin UI */
isAccessAllowed: isSignedIn,
},
session: statelessSessions(sessionConfig),
})
);