This package is a Vapor 4 template that showcases different features and includes the authentication functions needed for a lot of apps. It uses concepts such as: repository pattern, queues, JWT, Fluent, testing and Mailgun.
The template can be cloned and configured/changed to fit your needs, but should give a good starting point to anyone new to Vapor.
* tools version 5.9
* Repository protocols updated to a/a api.
- User registration [ ] Imperial
- User login
- Reset password
- Email verification
- Refresh and access tokens
- JWT Authentication
- Queues for email sending
- Repository Pattern
- Mailgun
- Testing
These environment variables will be used for configuring different services by default:
Key | Default Value | Description |
---|---|---|
POSTGRES_HOSTNAME | localhost | Postgres hostname |
POSTGRES_USERNAME | vapor | Postgres username |
POSTGRES_PASSWORD | password | Postgres password |
POSTGRES_DATABASE | vapor | Postgres database |
JWKS_KEYPAIR_FILE | keypair.jwks | JWKS keypair file, relative to the root directory; see the "JWT" section for more info |
MAILGUN_API_KEY | None | Mailgun API Key |
SITE_API_URL | None | The URL where your API will be hosted, ex: "https://api.myapp.com" (used for email-verification URL) |
SITE_FRONTEND_URL | None | The URL where your frontend will be hosted, ex: "http://myapp.com" (used for reset-password URL) |
NO_REPLY_EMAIL | None | The no-reply email that will be used for Mailgun |
REDIS_URL | redis://127.0.0.1:6379 | Redis URL for Queues worker. |
AppConfig contains configuration like API URL, frontend URL and no-reply email. It loads from environment variables by default. Otherwise you can override it inside configure.swift:
app.config = .init(...)
Constants.swift contains constants related to token lifetimes.
Token | Lifetime |
---|---|
Access Token | 15 minutes |
Refresh Token | 7 days |
Email Verification Token | 24 hours |
Reset Password Token | 1 hour |
The template uses VaporMailgunService, which can be configured as stated in its documentation. Extensions/Mailgun+Domains.swift contains the domains.
This package uses JWT for Access Tokens, and by default it loads JWT credentials from a JWKS file called keypair.jwks in the root directory. You can generate a JWKS keypair at https://mkjwk.org/
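Because keypair.jwks holds the private key that signs every access token, it is worth checking the file before the app boots with it. The following is an added example, not part of the template's code: a structural check of a JWKS signing file against RFC 7517/7518. The function names, the 2048-bit RSA floor and the sample input are assumptions made for illustration.

```python
import base64
import json

# Members a private signing key must carry (RFC 7518, sections 6.2 and 6.3).
REQUIRED = {"RSA": ("n", "e", "d"), "EC": ("crv", "x", "y", "d")}
MIN_RSA_BITS = 2048  # assumed policy floor, not a value taken from the template

def b64url_to_int(value):
    """Decode an unpadded base64url JWK member into an integer."""
    padded = value + "=" * (-len(value) % 4)
    return int.from_bytes(base64.urlsafe_b64decode(padded), "big")

def int_to_b64url(number):
    raw = number.to_bytes((number.bit_length() + 7) // 8, "big")
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def check_jwks(text):
    """Return a list of problems found in a JWKS document used for signing."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    keys = doc.get("keys") if isinstance(doc, dict) else None
    if not isinstance(keys, list) or not keys:
        return ['top level must be an object with a non-empty "keys" array']
    problems = []
    for index, key in enumerate(keys):
        label = f"keys[{index}]"
        kty = key.get("kty") if isinstance(key, dict) else None
        if kty not in REQUIRED:
            problems.append(f"{label}: missing or unsupported kty {kty!r}")
            continue
        missing = [m for m in REQUIRED[kty] if m not in key]
        if missing:
            problems.append(f"{label}: missing {missing}, cannot be used to sign")
        if not key.get("kid"):
            problems.append(f"{label}: no kid, tokens cannot name their key")
        if kty == "RSA" and isinstance(key.get("n"), str):
            bits = b64url_to_int(key["n"]).bit_length()
            if bits < MIN_RSA_BITS:
                problems.append(f"{label}: RSA modulus is {bits} bits (< {MIN_RSA_BITS})")
    return problems

def sample_jwks(bits, kid=None):
    """Constructed input: JWKS-shaped JSON with placeholder numbers, not a real key."""
    modulus = int_to_b64url((1 << (bits - 1)) | 1)
    key = {"kty": "RSA", "kid": kid, "n": modulus, "e": "AQAB", "d": "Aw"}
    return json.dumps({"keys": [key]})
```

To check a real file, pass its contents to check_jwks, for example check_jwks(open("keypair.jwks").read()); an empty list means no problems were found.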
URL | HTTP Method | Description | Content (Body) |
---|---|---|---|
/api/auth/register | POST | Registers a user and sends email verification | RegisterRequest |
/api/auth/login | POST | Login with existing user (requires email verification) | LoginRequest |
/api/auth/email-verification | GET | Used to verify an email with an email verification token | Query parameter token |
/api/auth/email-verification | POST | (Re)sends email verification to a specific email | SendEmailVerification |
/api/auth/reset-password | POST | Sends reset-password email with token | ResetPasswordRequest |
/api/auth/reset-password/verify | GET | Verifies a given reset-password token | Query parameter token |
/api/auth/recover | POST | Changes user password with reset-password token supplied | RecoverAccountRequest |
/api/auth/me | GET | Returns the current authenticated user | None |
/api/auth/accessToken | POST | Gives the user a new access token and refresh token | AccessTokenRequest |