Auth0
Created by: cschloer
Use Auth0 to login. To test with actual endpoints, pull flask boilerplate PR (https://github.com/Blocp/flask-boilerplate/pull/29) into projectservice and do an index search of projects.
New env variables:
REACT_APP_AUTH0_DOMAIN=blocpower.auth0.com REACT_APP_AUTH0_CLIENT_ID=[available on the auth0 website, go to clients -> dashboard] REACT_APP_AUTH0_CALLBACK_URL=http://localhost:5501/callback REACT_APP_AUTH0_CLAIMS_NAMESPACE=http://blocpower/claims/ REACT_APP_AUTH0_AUDIENCE=http://service.blocpower.io/
Log in with your blocpower account, all other domains are blocked.
To test the permissions feature, go to the /developer route. You should be blocked. Now go to the auth0 user/roles page (auth0 dashboard -> extensions -> Auth0 authorization -> find your user, add them to the developer group). Log in and out. Now you should be unblocked.
YOU MUST ALSO UPDATE NGINX CONF FILES:
sudo vim /etc/nginx/conf.d/*
Update all of the conf files for all of the services so that they accept the x-blocpower-auth0-token' always header
So they should look something like:
server {
listen 5400;
server_name 0.0.0.0;
location / {
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'x-blocpower-app-key,x-blocpower-app-secret,x-blocpower-app-token,x-blocpower-auth-key,x-blocpower-auth-token,x-blocpower-google-token,x-blocpower-auth0-token' always;
add_header 'Access-Control-Expose-Headers' 'x-blocpower-app-key,x-blocpower-app-secret,x-blocpower-app-token,x-blocpower-auth-key,x-blocpower-auth-token,x-blocpower-google-token,x-blocpower-auth0-token' always;
proxy_pass http://0.0.0.0:5300;
}
}