TheVirginBrokey waptik

Auth0 + FaunaDB ABAC integration: How to expire Fauna user secrets.

Fauna doesn't (yet?) provide guaranteed expiration/TTL for ABAC tokens, so we need to implement it ourselves if we care about it.

What's in the box?

3 javascript functions, each of which can be imported into your project or run from the command-line using node path/to/script.js arg1 arg2 ... argN:

deploy-schema.js: a javascript function for creating supporting collections and indexes in your Fauna database.

Goal

use Auth0 for logins
retrieve a Fauna instance secret for the user (see Fauna's ABAC tutorial)
have the user’s device talk directly to Fauna's native graphql endpoint using their secret for authorization.

Solutions

At the very least, we need two pieces of functionality:

Create a user document in Fauna to represent each Auth0 user.
Exchange an Auth0 JWT for a FaunaDB user secret.

This is solution for the infamous problem of absense of established DRY mechanism for defining data in models and migrations for Sequelize.js.

Migrations such as adding or altering a column still must be made manually, but I think it's solvable using this solution too.

Some references

https://stackoverflow.com/questions/27835801/how-to-auto-generate-migrations-with-sequelize-cli-from-sequelize-models/ https://stackoverflow.com/questions/21105748/sequelize-js-how-to-use-migrations-and-sync/

VSCode Shortcuts

List of helpful shortcuts for faster coding

If you have any other helpful shortcuts, feel free to add in the comments of this gist :)

Official List of all commands

Windows
Mac

	import useSWR from '@zeit/swr';
	import localForage from 'localforage';
	import { ConfigInterface } from '@zeit/swr/dist/src/types';
	import { useState, useEffect } from 'react';

	export function usePersistentSWR(key: string, fn?: Function, config?: ConfigInterface) {
	let handleSuccess;
	if (config !== undefined && config.onSuccess !== undefined) {
	const { onSuccess } = config;
	handleSuccess = (data: any, key: string, config: ConfigInterface) => {

	import React, { useState, useEffect, useContext, createContext } from "react";
	import Auth0 from "auth0-js";

	/*
	SETUP INSTRUCTIONS:
	- Create a new Auth0 application and choose type "Single Page Web Applications"
	- Go to your news app's setting and add the domain and clientId to the code below
	where it says "Replace me".
	- In your new apps settings scroll to the bottom, click "Show Advanced Settings",
	go to the "Grant Types" tab, check the "Password" option, then click save.

	const MY_DOMAIN = "agodrich.com"
	const START_PAGE = "https://www.notion.so/gatsby-starter-notion-2c5e3d685aa341088d4cd8daca52fcc2"
	const DISQUS_SHORTNAME = "agodrich"

	addEventListener('fetch', event => {
	event.respondWith(fetchAndApply(event.request))
	})

	const corsHeaders = {
	"Access-Control-Allow-Origin": "*",

	import { } from 'react';
	import { Link } from 'vev';

	export default function({ link, linkText }: Props) {
	return (
	<Link to={link} className="fill">{linkText \|\| 'Open link'}</Link>
	);
	}

	# This sample template explores how we can turn the Telegram blog post on the left into an Instant View page as shown on the right — in several simple steps. If you're unsure what some of the elements used here do, check out the full documentation here: https://instantview.telegram.org/docs

	# Place the version at the beginning of template. We recommend always using the latest available version of Instant View.
	~version: "2.0"

	### STEP 1: Define which pages get Instant View and which don't

	# That's easy because we only need IV pages for posts on the Telegram blog.
	# This condition does the trick.
	# ?path: /blog/.+

	const query = require('./query.js');

	require('es6-promise').polyfill();

	exports.handler = function(event, context, callback) {
	query(event["queryStringParameters"]['username']).then(function(data){

	var resp = {
	"isBase64Encoded": false,
	"statusCode": 200,