Skip to content
Snippets Groups Projects
Select Git revision
  • 2ed10cdaf4896706fa9317fc5be3d50c549df67e
  • master default protected
  • v1.2.12
  • ctc2019
  • v1.1.11
  • v1.1.10
  • v1.1.8
  • v1.1.4
  • v1.0.9
  • v1.0.3
  • v1.0.2
11 results

auth0_config.md

Blame
    • ac_sb33's avatar
    new config architecture -- ./config.js for server, ./leverjs/clientConfig.js...
    Andrew Cohen authored 
    new config architecture -- ./config.js for server, ./leverjs/clientConfig.js for client auth0 config
    b6e715d9
    History
    ac_sb33's avatar b6e715d9
    History
    auth0_config.md 2.29 KiB

    Configuring your lever server with your own auth0 account

    1. create an auth0 account

    2. create a new auth0 application type regular web application

    3. update the files ./leverjs/clientConfig.js and ./config.js with the details from your auth0 application -- modify the domain and audience fields with the information from your auth0 application. you can change the name, logo, color scheme of your login page as you desire. set the defaultPI field here as well.

      you can ask the git repo to not track your changes to the config.js and leverjs/clientConfig.js file, using: git update-index --skip-worktree ./leverjs/clientConfig.js (repeat for config.js)

    4. next, enable google login https://auth0.com/docs/connections/social/google

    5. once a user has logged into your leverjs site for the first time, you need to validate that user once before they can edit/modify the database:

      a. go to the user settings on the auth0 page. Under "App Metadata", set

       {
     "verified"  : "true",
     "pi": piNameHere_this_should_match_defaultPI_in_leverjs\config.js
 }

      b. go to the rules settings on the auth0 page. Create two new rules as follows:

       0. PI metadata to accessToken

 function (user, context, callback) {
     var namespace = 'https://leverjs.net/'; // fine to use this namespace for your app

     if (undefined!==user.app_metadata)
         context.accessToken[namespace + 'pi'] = user.app_metadata.pi;
     else
         context.accessToken[namespace + 'pi'] = 'undefined';
     context.accessToken[namespace + 'email']=user.email;
     callback(null, user, context);
 }

 1. is user app metadata verified
 
 function (user, context, callback) {
     if (undefined===user.app_metadata || 'true'!==user.app_metadata.verified) {
         return callback(new UnauthorizedError('account unverified -- access denied'));
     }
     callback(null, user, context);
 }

    6. At this point you should be able to login and write/edit the LEVER files. Try it out. If something goes wrong,check the auth0 log file, or check the leverjs server console for error messages.

    -andy cohen November 2018