Production mode can be turned on with the environment setting NODE_ENV, e.g.
In production mode, authentication is handled through the Google OAuth API. An OAuth 2.0 web client has been setup through the Google developer console.
Login occurs through
- when testing it outside the docker images http://localhost:4000/auth/login
- when running it in the docker image e.g. http://deepsea-ai-backend/auth/login
Cookies are not used in this application and passwords are not stored. User identification is handled by storing an encrypted JWT token on the client.
To change the authentication credentials:
Login to the Google Developer Console
Key settings are:
- Authorized redirect URIs this is set to http://localhost:4000/auth/google/callback and must match the key GOOGLE_CALLBACKURL in .env
- Client secret - this must mach the key GOOGLE_SECRET in .env
- Client ID - this must match the key GOOGLE_CLIENTID in .env
Change the environment parameters
The production environment parameters to add to the .env file include: Change to match those in the developer console:
GOOGLE_CLIENTID=*changeme.apps.googleusercontent.com GOOGLE_SECRET=*changeme GOOGLE_CALLBACKURL=http://*.shore.mbari.org/auth/google/callback
Test the authentication outside the docker image, run the database separately with
docker-compose -f docker-compose.yml.postgres up -d database
Deploy the docker image
When the above is working, deploy the entire stack with
bin/docker_start.sh postgres all
- Good blog on oauth (scroll to bottom for JWT auth) http://gregtrowbridge.com/node-authentication-with-google-oauth-part1-sessions/
- Prisma Deployment Docs