mirror of
https://github.com/nestriness/nestri.git
synced 2025-12-12 08:45:38 +02:00
fc5a755408
This adds a simple way to incorporate a centralized authentication flow. The idea is to have the user, API and SSH (for machine authentication) all in one place using `openauthjs` + `SST` We also have a database now :) > We are using InstantDB as it allows us to authenticate a use with just the email. Plus it is super simple simple to use _of course after the initial fumbles trying to design the db and relationships_
36 lines
839 B
TypeScript
36 lines
839 B
TypeScript
// Docs: https://www.instantdb.com/docs/permissions
|
|
|
|
import type { InstantRules } from "@instantdb/core";
|
|
|
|
const rules = {
|
|
/**
|
|
* Welcome to Instant's permission system!
|
|
* Right now your rules are empty. To start filling them in, check out the docs:
|
|
* https://www.instantdb.com/docs/permissions
|
|
*
|
|
* Here's an example to give you a feel:
|
|
* posts: {
|
|
* allow: {
|
|
* view: "true",
|
|
* create: "isOwner",
|
|
* update: "isOwner",
|
|
* delete: "isOwner",
|
|
* },
|
|
* bind: ["isOwner", "auth.id != null && auth.id == data.ownerId"],
|
|
* },
|
|
*/
|
|
"$default": {
|
|
"allow": {
|
|
"$default": "false"
|
|
}
|
|
},
|
|
machines: {
|
|
allow: {
|
|
"$default": "isOwner",
|
|
},
|
|
bind: ["isOwner", "auth.id != null && auth.id == data.ownerID"],
|
|
}
|
|
} satisfies InstantRules;
|
|
|
|
export default rules;
|