База знаний
Simple TODO app With Swifty
Опубликовано Денис Завьялов on 21 November 2018 11:10

What is Swifty? 

Swifty is a serverless platform that allows you to develop and run backends for your web or mobile applications as fast and easy as possible without having to manage any infrastructure. With Swifty, you do not need to think about your application’s scalability or availability, we do it for you. For more convenience, we also include Maria and Mongo databases, object storage, and Authentication-as-a-Service. The only thing you need to do is code functions for your backend.

In this guide, we will use Swifty as a backend for the Swifty.Demo portal. Swifty.Demo is a simple application that allows you to manage user profiles and tasks. We will use Go and Python to code functions. The Swifty.Demo page itself is created with Vue.js (source code).

You can find more examples of functions and the source code of Swifty.Demo on GitHub as well.

The following sections list steps you need to perform to get the backend up and running.

Setting Up Access to Swifty 

First, you need to set up access to Swifty. It is available from our own Swifty.Cloud, or you can deploy it on premises or in a public cloud, e.g., Amazon AWS. Note, however, that the latter version, Swifty.Lite, has a few limitations, even though all the features are available.

After setting up access to Swifty, you need to create your user account in the Swifty.Dashboard.

Setting Up Authorization and Creating Users 

A typical application that stores data requires a way to create and manage user accounts. Swifty offers built-in Authentication-as-a-Service that provides the basic actions: SignUpSignIn, and LogOut.

First, create the authentication backend. In the Swifty.Dashboard, open Authentication Services and click Create Auth Database. Name the database auth and activating the service. Doing so will create three components in your Swifty deployment:

  • The function that serves authentication calls. In this example, it is auth_um.
  • MongoDB middleware that stores user IDs, names, and passwords. In this example, it is auth_mgo.
  • Authentication middleware that lets the function manage JWT tokens. Currently, only authjwt is supported. The Swifty library has a helper that uses this middleware by generating and signing JWT tokens with the given claims. This middleware will later be used to mark function calls that first need to be authenticated the by Swifty platform itself.

The auth_um function written in Go provides basic user management features and is ready for use out of the box. If you need more authentication features or integration with 3rd-party services, you can easily edit the default function (e.g., to integrate it with a mail service). The function uses the SWIFTY_AUTH_NAME variable that stores the name of the AUTHaaS service.

The function needs to have access to the Mongo and authentication middleware. It automatically gets a URL trigger that the application needs to call to manage users. To get the link for the trigger, open Functions in the Swifty.Dashboard, locate the function marked Authentication, open Triggers, copy the REST API URL, open Swifty.Demo and paste the URL into the Auth URL field.

The function expects the userid and password arguments. Note that the password is hashed with 256-bit salt by slowed-down bcrypt.

User management requests are sent using the POST method:

  • Sign up:
    https://api.swifty.cloud:8686/call/012cb5e1ee010032dce5d8f5f9d8c90239d32956bae998892d9db7a2b3c22bf7/signup&userid=user@yourmail.com&password=xxxxxxxx
  • Sign in:
    https://api.swifty.cloud:8686/call/012cb5e1ee010032dce5d8f5f9d8c90239d32956bae998892d9db7a2b3c22bf7/signin&userid=user@yourmail.com&password=xxxxxxxx
  • Log out:
    https://api.swifty.cloud:8686/call/012cb5e1ee010032dce5d8f5f9d8c90239d3295bae998892d9db7a2b3c22bf7/leave&userid=user@yourmail.com

If sign-in is successful, you get JSON response with a JWT token that lets you access functions. The JWT token is to be provided via the bearer authorization scheme. If an authentication check fails (no header, wrong scheme, or bad signature), the function is not called and the code 401 is returned. If authentication passes, the function receives the token claims via the request.claims field.

The Swifty.Demo application does the following when you sign up and open the user details page:

  1. Signs up a new user via the provided AUTHaaS.
  2. Gets the JWT token and adds a new record with the user profile to the user database.
  3. Signs in with the new user.
  4. Gets the user profile from the database.

To use Swifty.Demo, you also need to create a function to manage user profiles and the database to store them in.

First, create the profile management function from a template. Do the following the in Swifty.Dashboard:

  1. Click Functions > Create Function. Use the name profile_management, select Go as language and Base Template as template.
  2. Open Code, copy the function code from the GitHub example, and save the function.
  3. Click Triggers > Add Trigger > REST API (URL). Copy the newly created URL and paste it in the Profile Function URL field of Swifty.Demo

Second, create the MongoDB middleware and assign it to the profile management function:

  1. Click Mongo Database > Create Database. Use the name profiles.
  2. Click Functions > profile_management > Middleware > Attach Middleware. Select MongoDB and the profilesinstance.

Managing Profile Pictures 

Swifty.Demo allows you to upload user profile pictures. Alongside other files, pictures are kept in Swifty’s built-in object storage and can be managed with any S3 tool via the Amazon S3-compatible API.

While you can create your own function using the standard S3 API to upload and download profile pictures, you can also use a standard function that comes with Swifty. Do the following in the Swifty.Dashboard:

  1. Click Functions > Create Function. Use the name avatar_management, select Python as language and Empty Function as template.
  2. Click Code, copy the function code from GitHub example, and save the function.
  3. Click Triggers > Add Trigger > REST API (URL). Copy the newly created URL and paste it in the Avatar Function URL field of Swifty.Demo.

Create object storage for the project:

  1. Click Object Storage > Create Bucket. Use the name images.
  2. Click Functions > avatar_management > Middleware > Attach Middleware. Select Object Storage and the images bucket.

Enabling Authentication 

Now that the authentication backend, functions, and middleware are ready, you need to enable authentication for the user profile and avatar management functions to protect them from unauthorized access. Do the following in the Swifty.Dashboard:

  1. Click Functions and select the functions profile_management and avatar_management.
  2. Click Manage Authentication, select the authentication service, auth, and click Enable.

Now all functions will only be executed for users with valid JWT tokens.

By marking the function “authenticated” you make sure that Swifty gets the JWT from the call request, checks it and, if the JWT is properly signed, decodes the claims and passes them to the function as a request.claims field.

After all preparations, the Functions screen should look like this:

Screen-Shot

 

Now everything is ready and you can create the first user. To do this, open the Swifty.Demo page and sign up. You will automatically sign in to the portal and see the user profile. You can change details like City, upload a profile picture, and such. To save changes, click Update Profile.

If you open the Functions screen, you will see that the authentication auth function has executed at least once to create a new user account. The profile_management and avatar_management functions have been executed as well to create and update the user profile. All uploaded profile pictures will be in the images bucket of the object storage.

The Swifty.Demo portal also allows you to log out and sign in again.

Next Steps

 
Now you know all the basics and can start using Swifty. All the functions and the Swifty.Demo source code are available on GitHub. Remember that the default functions are working examples that you can change according to your goals.

 

(0 голос(а))
Эта статья помогла
Эта статья не помогла

Коментарии (0)