✨ feat: Add auth flow (#146)

This adds a simple way to incorporate a centralized authentication flow. The idea is to have the user, API and SSH (for machine authentication) all in one place using `openauthjs` + `SST` We also have a database now :) > We are using InstantDB as it allows us to authenticate a use with just the email. Plus it is super simple simple to use _of course after the initial fumbles trying to design the db and relationships_
2025-12-12 08:45:38 +02:00 · 2025-01-04 00:02:28 +03:00
parent 33895974a7
commit fc5a755408
136 changed files with 3512 additions and 1914 deletions
--- a/packages/core/instant.perms.ts
+++ b/packages/core/instant.perms.ts
@@ -0,0 +1,35 @@
+// Docs: https://www.instantdb.com/docs/permissions
+
+import type { InstantRules } from "@instantdb/core";
+
+const rules = {
+  /**
+   * Welcome to Instant's permission system!
+   * Right now your rules are empty. To start filling them in, check out the docs:
+   * https://www.instantdb.com/docs/permissions
+   *
+   * Here's an example to give you a feel:
+   * posts: {
+   *   allow: {
+   *     view: "true",
+   *     create: "isOwner",
+   *     update: "isOwner",
+   *     delete: "isOwner",
+   *   },
+   *   bind: ["isOwner", "auth.id != null && auth.id == data.ownerId"],
+   * },
+   */
+  "$default": {
+    "allow": {
+      "$default": "false"
+    }
+  },
+  machines: {
+    allow: {
+      "$default": "isOwner",
+    },
+    bind: ["isOwner", "auth.id != null && auth.id == data.ownerID"],
+  }
+} satisfies InstantRules;
+
+export default rules;