@kratos-42
Owner

Summary

This PR implements a complete JWT-based authentication system using Supabase as the authentication
provider. It adds user authentication capabilities including login, logout, and token refresh
functionality with role-based access control.

Changes

🔐 Authentication System

  • Implemented JWT authentication service with Supabase integration
  • Added GraphQL mutations for login, logout, and token refresh
  • Created auth guards for protecting GraphQL endpoints
  • Implemented role-based access control with custom decorators
  • Added authentication state management and user context

👤 User Management

  • Created User module with GraphQL resolver
  • Added me query to fetch current authenticated user
  • Integrated user entity with authentication flow

🛡️ Security Enhancements

  • Added GQL auth guards to protect sensitive endpoints
  • Implemented request logging interceptor for audit trails
  • Created sanitization utilities for sensitive data
  • Protected Spot module endpoints with authentication

🧪 Testing Infrastructure

  • Comprehensive test suites for authentication flows (login, logout, refresh)
  • Supabase service stubs for isolated testing
  • Updated existing Spot tests to work with auth guards
  • Refactored test fixtures for better organization

📦 Dependencies & Configuration

  • Added @supabase/supabase-js for Supabase integration
  • Updated Node version requirement to 22.17.1
  • Configured environment variables for Supabase connection
  • Updated Jest configuration for new test structure

GraphQL Schema Changes

Added new types and mutations:
type User
type Session
type AuthOutput
mutation login
mutation logout
mutation refreshToken
query me

Database Changes

  • Added user creation migration (1736268149676-create-user.ts)

Testing

All authentication endpoints have been thoroughly tested:

  • ✅ Login with valid/invalid credentials
  • ✅ Logout functionality
  • ✅ Token refresh mechanism
  • ✅ Protected endpoint access
  • ✅ Role-based authorization

Configuration

  • Node version: 22.17.1 (via .nvmrc)
  • Environment variables for Supabase (URL, anon key, service role key)
  • TypeScript path aliases for new modules

Breaking Changes

  • Spot resolver endpoints now require authentication
  • All mutations except login require a valid JWT token

- Implement JWT-based authentication with login, logout, and refresh token
- Add User module with GraphQL resolver for current user
- Create auth guards and decorators for role-based access control
- Add logging interceptor and auth constants
- Integrate auth and user modules into app module
- Update GraphQL schema with auth types and mutations
- Add user creation migration
- Add authentication test suites for login, logout, and refresh token
- Create Supabase stubs for testing auth functionality
- Update spot resolver tests to work with auth guards
- Refactor spot fixtures to new structure
- Update NestJS testing module configuration
- Add auth guards to spot resolver endpoints
- Add Supabase environment variables for auth
- Update Node version requirement to 22.17.1
- Add auth-related dependencies (@supabase/supabase-js)
- Configure Jest for auth module testing
- Update TypeScript paths for new modules
- Add .nvmrc for Node version management
- Add CLAUDE.md with codebase instructions
- Add PROJECT_SPECIFICATION.md with project requirements
- Configure VSCode settings for the project
- Add Claude Code local settings configuration