mirror/lowdefy
2
0
Fork 0
mirror of https://github.com/lowdefy/lowdefy.git synced 2025-04-06 15:30:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #572 from lowdefy/user-docs

Browse Source 
User docs
This commit is contained in:
Gervwyk 2021-05-11 12:52:23 +02:00 committed by GitHub
commit 76a4d7c4b3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 1819 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.lgtm.yml Normal file
View File

@ -0,0 +1,3 @@
path_classifiers:
generated:
- .pnp.cjs

123
packages/docs/actions/Login.yaml Normal file
View File

@ -0,0 +1,123 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/actions.yaml.njk
vars:
pageId: Login
pageTitle: Login
filePath: actions/Login.yaml
types: |
```
(pageId: string): void
(params: {
authUrlQueryParams?: object
pageId?: string,
input?: object,
urlQuery? object
}): void
```
description: |
The `Login` action requests the OpenID provider's authorization URL from the Lowdefy server. The user is redirected to this URL, which normally hosts a login page. If the user is already logged in at the provider, the provider might redirect the user back without requiring a password again.
The `Login` action can be used to update the `user` object, for example to update the user profile after it has been edited, or to make sure the user token is still valid before editing or creating a record in a database.
See [here](/login-and-logout) for information on logging in.
params: |
###### object
- `authUrlQueryParams: object`: Query parameters to set for the authorization URL.
- `pageId: string`: The pageId of the page to redirect to after the login flow is complete
- `input: object`: The input to set for the page the user is redirected to after login.
- `urlQuery: object`: The urlQuery to set for the page the user is redirected to after login.
examples: |
###### Login and redirect to home:
```yaml
- id: login
type: Login
```
###### Login, with input, pageId and urlQuery:
```yaml
- id: login
type: Login
params:
input:
input1: value
pageId: page1
urlQuery:
url1: value
```
###### Only login if user is not logged in:
```yaml
- id: login
type: Login
skip:
_ne:
- _user: sub
- null
```
###### Request the signup page from the provider:
```yaml
- id: Signup
type: Button
events:
onClick:
- id: login
type: Login
params:
authUrlQueryParams:
screen_hint: signup
```
###### Link to an external url:
```yaml
- id: link_url
type: Link
params:
url: www.lowdefy.com
```
###### Open a link in a new tab:
```yaml
- id: link_new_tab
type: Link
params:
pageId: my_page_id
newTab: true
```
###### Set the urlQuery of the page that is linked to:
```yaml
- id: link_url_query
type: Link
params:
pageId: my_page_id
urlQuery:
id:
_state: id
```
###### Set the input of the page that is linked to:
```yaml
- id: link_input
type: Link
params:
pageId: my_page_id
input:
id:
_args: row.id
```

44
packages/docs/actions/Logout.yaml Normal file
View File

@ -0,0 +1,44 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/actions.yaml.njk
vars:
pageId: Logout
pageTitle: Logout
filePath: actions/Logout.yaml
types: |
```
(void): void
```
description: |
When the `Logout` action is called, the user data and authorization cookie are cleared by the app. The `Logout` action does not take any parameters. The user is then redirected to the URL configured in `logoutRedirectUri`, or the app homepage if this is not configured.
Some OpenID Connect providers provide a URL that the user can be directed to to logout the user from the the provider. These urls normally have a query parameter that specifies where the provider should redirect the user after they have logged out the user. These redirect URLs are normally configured with the provider.
See [here](/login-and-logout) for information on how to configure the logout url.
params: |
The `Logout` action does not take any parameters.
examples: |
###### A logout button:
```yaml
- id: logout_button
type: Logout
properties:
title: Logout
events:
onClick:
- id: logout
type: Logout
```

2
packages/docs/concepts/context-and-state.yaml
View File

@ -71,6 +71,8 @@ _ref:
- [`_media`](/_media): The `media` object contains some information about the client screen size etc. This is useful in order to add additional responsive logic to a page.
- [`_user`](/user-object): The `user` object contains the data in the user idToken if OpenID Connect authentication is configured and a user is logged in.
- _ref:
path: templates/navigation_buttons.yaml
vars:

7
packages/docs/concepts/custom-blocks.yaml
View File

@ -160,3 +160,10 @@ _ref:
The easiest way to host your custom block is the deploy the custom block to [npm](https://www.npmjs.com/) and [Unpkg](https://unpkg.com/) will automatically host your block for you on their CDN. Although this option is easy, the cache settings for Unpkg can result in longer load times in some cases which can result in a unreliable user experience. It is thus best to deploy you blocks to your own static file servers.
We are working on a Lowdefy blocks CDN to improve this developer experience in the future.
- _ref:
path: templates/navigation_buttons.yaml
vars:
previous_page_title: Lists
previous_page_id: lists
next_page_title: User authentication
next_page_id: users-introduction

2
packages/docs/concepts/lowdefy-schema.yaml
View File

@ -58,6 +58,8 @@ _ref:
More than one menu can be configured in an app. As an example, this can be used when two logically different sections in the app need different menus.
If OpenID Connect authentication and role based authentication is configured, pages that the user is restricted from seeing are filtered from the menu object.
The schema for a menu object is:
- `id: string`: __Required__ - A identifier for the menu. If it is `default`, it will be used as default by pages.

2
packages/docs/connections/AWSS3.yaml
View File

@ -81,7 +81,7 @@ _ref:
The `AwsS3PresignedGetObject` request is used to get a download link for an object in AWS S3. The link provided by this request can be opened using the `Link` action.
#### Properties
- `versionId: string`: _String_ - VersionId used to reference a specific version of the object.
- `versionId: string`: VersionId used to reference a specific version of the object.
- `expires: number`: Number of seconds for which the policy should be valid.
- `key: string`: __Required__ - Key (or filename) under which object will be stored. If another file is saved with the same key, that file will be overwritten, so a random string in this field is probably needed.
- `responseContentType: string`: Sets the Content-Type header of the response.

6
packages/docs/lowdefy.yaml
View File

@ -50,4 +50,8 @@ menus:
_ref: menus.yaml
pages:
_ref: pages.yaml
_ref:
path: pages.yaml
# Commented out because it loops
# Use to generate new sitemap if pages are added
# transformer: templates/generateSitemap.js

46
packages/docs/menus.yaml
View File

@ -119,6 +119,43 @@
properties:
title: Custom Blocks
- id: users_group
type: MenuGroup
properties:
title: User Authentication
icon: TeamOutlined
links:
- id: users
type: MenuLink
pageId: users-introduction
properties:
title: Introduction
- id: openid-connect
type: MenuLink
pageId: openid-connect
properties:
title: OpenID Connect
- id: login-and-logout
type: MenuLink
pageId: login-and-logout
properties:
title: Login and Logout
- id: protected-pages
type: MenuLink
pageId: protected-pages
properties:
title: Protected pages
- id: user-object
type: MenuLink
pageId: user-object
properties:
title: User object
- id: roles
type: MenuLink
pageId: roles
properties:
title: Roles
- id: blocks_input
type: MenuGroup
properties:
@ -447,6 +484,12 @@
- id: Link
type: MenuLink
pageId: Link
- id: Login
type: MenuLink
pageId: Login
- id: Logout
type: MenuLink
pageId: Logout
- id: MessageAction
type: MenuLink
pageId: MessageAction # Clash with Message block
@ -625,6 +668,9 @@
- id: _url_query
type: MenuLink
pageId: _url_query
- id: _user
type: MenuLink
pageId: _user
- id: _uuid
type: MenuLink
pageId: _uuid

107
packages/docs/operators/_user.yaml Normal file
View File

@ -0,0 +1,107 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/operators.yaml.njk
transformer: templates/operatorsMethodTransformer.js
vars:
pageId: _user
pageTitle: _user
filePath: operators/_user.yaml
types: |
```
(key: string): any
(all: boolean): any
(arguments: {
all?: boolean,
key?: string,
default?: any,
}): any
```
description: |
The `_user` operator gets a value from the [`user`](/user-object) object. The `user` object contains the data in the user idToken if OpenID Connect authentication is configured and a user is logged in.
arguments: |
###### string
If the `_user` operator is called with a string argument, the value of the key in the `user` object is returned. If the value is not found, `null` is returned. Dot notation and [block list indexes](/lists) are supported.
###### boolean
If the `_user` operator is called with boolean argument `true`, the entire `user` object is returned.
###### object
- `all: boolean`: If `all` is set to `true`, the entire `user` object is returned. One of `all` or `key` are required.
- `key: string`: The value of the key in the `user` object is returned. If the value is not found, `null`, or the specified default value is returned. Dot notation and [block list indexes](/lists) are supported. One of `all` or `key` are required.
- `default: any`: A value to return if the `key` is not found in `user`. By default, `null` is returned if a value is not found.
examples: |
###### Get the value of `name` from `user`:
```yaml
_user: name
```
```yaml
_user:
key: name
```
Returns: The value of `name` in `user`.
###### Get the entire `user` object:
```yaml
_user: true
```
```yaml
_user:
all: true
```
Returns: The entire `user` object.
###### Dot notation:
Assuming user:
```yaml
sub: abc123
name: User Name
my_object:
subfield: 'Value'
```
then:
```yaml
_user: my_object.subfield
```
```yaml
_user:
key: my_object.subfield
```
Returns: `"Value"`.
###### Return a default value if the value is not found:
```yaml
_user:
key: might_not_exist
default: Default value
```
Returns: The value of `might_not_exist`, or `"Default value"`.
###### Block list indices:
Assuming `user`:
```yaml
sub: abc123
name: User Name
my_array:
- value: 0
- value: 1
- value: 2
```
then:
```yaml
_user: my_array.$.value
```
Returns: `0` when used from the first block (0th index) in a list.

11
packages/docs/pages.yaml
View File

@ -20,12 +20,18 @@
- _ref: concepts/connections-and-requests.yaml
- _ref: concepts/events-and-actions.yaml
- _ref: concepts/operators.yaml
- _ref: concepts/deployment.yaml
- _ref: concepts/secrets.yaml
- _ref: concepts/deployment.yaml
- _ref: concepts/lists.yaml
- _ref: concepts/custom-blocks.yaml
- _ref: users/users-introduction.yaml
- _ref: users/openid-connect.yaml
- _ref: users/login-and-logout.yaml
- _ref: users/protected-pages.yaml
- _ref: users/user-object.yaml
- _ref: users/roles.yaml
- _ref: blocks/input/AutoComplete.yaml
- _ref: blocks/input/ButtonSelector.yaml
- _ref: blocks/input/CheckboxSelector.yaml
@ -122,6 +128,8 @@
- _ref: actions/CallMethod.yaml
- _ref: actions/Link.yaml
- _ref: actions/Login.yaml
- _ref: actions/Logout.yaml
- _ref: actions/Message.yaml
- _ref: actions/Notification.yaml
- _ref: actions/Request.yaml
@ -179,6 +187,7 @@
- _ref: operators/_type.yaml
- _ref: operators/_uri.yaml
- _ref: operators/_url_query.yaml
- _ref: operators/_user.yaml
- _ref: operators/_uuid.yaml
- _ref: operators/_var.yaml
- _ref: operators/_yaml.yaml

889
packages/docs/public/sitemap.xml Normal file
View File

@ -0,0 +1,889 @@
<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>http://docs.lowdefy.com/introduction</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-start</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-create-page</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-create-page-config</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-add-blocks</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-add-blocks-config</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-actions-operators</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-actions-operators-config</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-requests</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-requests-config</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/tutorial-deploy</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/next-steps</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/overview</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/cli</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/lowdefy-schema</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/context-and-state</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/blocks</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/layout</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/connections-and-requests</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/events-and-actions</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/operators</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/secrets</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/deployment</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/lists</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/custom-blocks</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/users-introduction</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/openid-connect</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/login-and-logout</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/protected-pages</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/roles</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/AutoComplete</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/ButtonSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/CheckboxSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/ChromeColorSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/CircleColorSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/ColorSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/CompactColorSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/DateRangeSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/DateSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/DateTimeSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/GithubColorSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MonthSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MultipleSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/NumberInput</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Pagination</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/ParagraphInput</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/RadioSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/RatingSlider</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/S3UploadButton</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Selector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/SliderColorSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/SwatchesColorSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Switch</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/TextArea</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/TextInput</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/TitleInput</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/TwitterColorSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/WeekSelector</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Alert</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Anchor</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Avatar</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Breadcrumb</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Button</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/DangerousHtml</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/DangerousMarkdown</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Descriptions</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Divider</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/EChart</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Html</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Icon</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Markdown</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MarkdownWithCode</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Menu</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Message</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MobileMenu</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Notification</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Paragraph</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Progress</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Statistic</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Title</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Affix</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Badge</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Box</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Card</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Collapse</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Comment</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/ConfirmModal</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Drawer</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Label</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Modal</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Result</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Span</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Spin</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Tabs</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Context</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/PageHCF</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/PageHCSF</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/PageHeaderMenu</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/PageHSCF</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/PageSHCF</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/PageSiderMenu</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/ControlledList</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/List</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/AmazonRedshift</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/AWSS3</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/AxiosHttp</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/GoogleSheet</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Knex</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MariaDB</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MongoDB</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MSSQL</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MySQL</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/PostgreSQL</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/SendGridMail</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/SQLite</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/CallMethod</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Link</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/MessageAction</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/NotificationAction</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Request</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Reset</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/ScrollTo</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/SetGlobal</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/SetState</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/Validate</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_and</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_args</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_array</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_base64</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_date</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_diff</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_divide</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_eq</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_event</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_format</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_function</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_get</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_global</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_gt</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_gte</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_if</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_if_none</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_index</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_input</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_js</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_json</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_list_contexts</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_log</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_lt</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_lte</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_math</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_media</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_menu</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_mql</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_ne</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_not</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_nunjucks</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_object</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_operator</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_or</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_product</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_random</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_ref</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_regex</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_request</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_secret</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_state</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_string</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_subtract</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_sum</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_type</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_uri</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_url_query</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_uuid</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_var</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/_yaml</loc>
<lastmod>2021-05-07</lastmod>
</url>
<url>
<loc>http://docs.lowdefy.com/404</loc>
<lastmod>2021-05-07</lastmod>
</url>
</urlset>

42
packages/docs/templates/generateSitemap.js vendored Normal file
View File

@ -0,0 +1,42 @@
/*
Copyright 2020-2021 Lowdefy, Inc
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
function transformer(pages) {
const fs = require('fs');
const sitemapStart = `<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
`;
const sitemapEnd = `
</urlset>`;
const now = new Date();
const addPage = (acc, page) => {
return acc.concat(`
<url>
<loc>http://docs.lowdefy.com/${page.id}</loc>
<lastmod>${now.getFullYear()}-${now.getMonth() > 8 ? '' : 0}${now.getMonth() + 1}-${
now.getDate() > 9 ? '' : 0
}${now.getDate()}</lastmod>
</url>
`);
};
const sitemap = pages.reduce(addPage, sitemapStart).concat(sitemapEnd);
fs.writeFileSync('public/sitemap.xml', sitemap);
return pages;
}
module.exports = transformer;

164
packages/docs/users/login-and-logout.yaml Normal file
View File

@ -0,0 +1,164 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/general.yaml.njk
vars:
pageId: login-and-logout
pageTitle: Login and Logout
section: User Authentication
filePath: concepts/login-and-logout.yaml
content:
- id: introduction
type: MarkdownWithCode
properties:
content: |
The [`Login`](/Login) and [`Logout`](/Logout) actions can be used to log users in and out.
## Login
The `Login` action requests the OpenID provider's authorization URL from the Lowdefy server. The user is redirected to this URL, which normally hosts a login page. If the user is already logged in at the provider, the provider might redirect the user back without requiring a password again.
After the user has logged in successfully, the user is redirected to the `auth/openid-callback` route in the Lowdefy app, where the rest of the OpenID authorization code flow is completed.
The parameters of the Login action specify where the user is redirected after login is complete. If the pageId is not set, the user is redirected to the homepage. The parameters are:
- `authUrlQueryParams: object`: Query parameters to set for the authorization URL.
- `pageId: string`: The pageId of the page to redirect to after the login flow is complete
- `input: object`: The input to set for the page the user is redirected to after login.
- `urlQuery: object`: The urlQuery to set for the page the user is redirected to after login.
The `Login` action can be used to update the `user` object, for example to update the user profile after it has been edited, or to make sure the user token is still valid before editing or creating a record in a database.
#### Examples
###### A login page that redirects users in the onEnter event:
```yaml
id: login
type: Context
events:
onEnter:
# Redirect to "page1" if user is already logged in.
- id: logged_in_redirect
type: Link
skip:
_eq:
- _user: sub
- null
params: page1
# Call the Login action to log the user in.
- id: login
type: Login
skip:
_ne:
- _user: sub
- null
params:
# Redirect to "page1" after login is complete.
pageId: page1
```
###### A set of login and logout buttons:
```yaml
id: login_logout
type: Box
blocks:
- id: Login
type: Button
visible:
_eq:
- _user: sub
- null
events:
onClick:
- id: login
type: Login
- id: Logout
type: Button
visible:
_ne:
- _user: sub
- null
events:
onClick:
- id: logout
type: Logout
```
###### A signup button that uses authUrlQueryParams to request the signup screen:
```yaml
id: Signup
type: Button
events:
onClick:
- id: login
type: Login
params:
authUrlQueryParams:
screen_hint: signup
```
## Logout
When the `Logout` action is called, the user data and authorization cookie are cleared by the app. The `Logout` action does not take any parameters. The user is then redirected to the URL configured in `logoutRedirectUri`, or the app homepage if this is not configured.
Some OpenID Connect providers provide a URL that the user can be directed to to logout the user from the the provider. These urls normally have a query parameter that specifies where the provider should redirect the user after they have logged out the user. These redirect URLs are normally configured with the provider.
The logoutRedirectUri can be a [Nunjucks](https://mozilla.github.io/nunjucks/) template string, with the following template variables:
- `client_id`: The OpenID Connect client ID in `LOWDEFY_SECRET_OPENID_CLIENT_ID`
- `host`: The app host URL. This url includes the URL prefix (`https://` or `http://` if running a development server), and is URI encoded. It is intended to be used as a query parameter.
- `id_token_hint`: The user idToken.
- `openid_domain`: The OpenID Connect client ID in `LOWDEFY_SECRET_OPENID_DOMAIN`.
#### Examples
###### Redirect to the `logged-out` page in the app after logout:
```yaml
config:
auth:
openId:
logoutRedirectUri: '/logged-out'
```
###### Redirect to the Auth0 logout URL and return to the `logged-out` page in the app after logout:
```yaml
lowdefy: 3.14.1
config:
auth:
openId:
# Line breaks added for clarity
logoutRedirectUri: "{{ openid_domain }}/v2/logout?\
returnTo={{ host }}/logged-out&\
client_id={{ client_id }}"
```
###### Redirect to the Keycloak logout URL and return to the `logged-out` page in the app after logout:
```yaml
lowdefy: 3.14.1
config:
auth:
openId:
# Line breaks added for clarity
logoutRedirectUri: "{{ openid_domain }}/protocol/openid-connect/logout?\
post_logout_redirect_uri={{ host }}/logged-out&\
client_id={{ client_id }}&\
id_token_hint={{ id_token_hint }}"
```
- _ref:
path: templates/navigation_buttons.yaml
vars:
previous_page_title: OpenID Connect
previous_page_id: openid-connect
next_page_title: Protected pages
next_page_id: protected-pages

83
packages/docs/users/openid-connect.yaml Normal file
View File

@ -0,0 +1,83 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/general.yaml.njk
vars:
pageId: openid-connect
pageTitle: OpenID Connect
section: User Authentication
filePath: users/openid-connect.yaml
content:
- id: open_id_connect_content
type: MarkdownWithCode
properties:
content: |
Lowdefy supports the OpenID Connect standard as a user authorization mechanism. This means to add users to your app, you should setup a OpenID Connect provider. Some popular providers are:
- [Auth0](https://auth0.com)
- [Gluu](https://gluu.org)
- [Keycloak](https://www.keycloak.org)
- [Microsoft identity platform](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-overview) (Active Directory)
- [Okta](https://www.okta.com)
- [Ory Hydra](https://www.ory.sh)
- [Ping Identity](https://www.pingidentity.com)
- [Sign In With Google](https://developers.google.com/identity) (Google Workspace is also supported)
A full list of OpenID Connect providers can be found [here](https://openid.net/developers/certified/).
## Configuring an OpenID Connect provider
To configure an OpenID Connect provider, you need to set the following lowdefy [secrets](/secrets): `OPENID_CLIENT_ID`, `OPENID_CLIENT_SECRET`, `OPENID_DOMAIN`, and `JWT_SECRET`. The can be set by setting the following environment variables:
```
LOWDEFY_SECRET_OPENID_CLIENT_ID = YOUR_CLIENT_ID
LOWDEFY_SECRET_OPENID_CLIENT_SECRET = YOUR_CLIENT_SECRET
LOWDEFY_SECRET_OPENID_DOMAIN = YOUR_OPENID_DOMAIN
LOWDEFY_SECRET_JWT_SECRET = YOUR_SECRET_KEY
```
See the section on JSON Web Tokens below for information about the `JWT_SECRET`.
If these are not set, the `Login` and `Logout` actions won't work, so users won't be able to log in. However, protected pages will not be served to public users.
Optional configuration can also be set in the Lowdefy configuration, at the path `config.auth.openId`. The following fields can be set:
- `scope: string`: _Optional_ - The OpenID Connect scope to request. The default is `openid profile email`. Should contain at least `openid`.
- `logoutRedirectUri: string`: _Optional_ - The URL to redirect to after logout. See more [here](/login-and-logout).
Details to configure specific OpenID Connect providers are given [here](/openid-provider-configuration).
# JSON Web Tokens
The app will use the `JWT_SECRET` to sign the JSON web tokens (with HS256) used to authorize users. This secret should be a long randomly generated string.
You can run the following command in the command console to generate the key:
```bash
node -e "console.log(require('crypto').randomBytes(256).toString('base64'));"
```
We recommend using a different key in your development and production environments.
Optional configuration can also be set in the Lowdefy configuration, at the path `config.auth.jwt`. The following fields can be set:
- `expiresIn: string | number`: The length of time a user token should be valid. The default is 4 hours. Can be expressed as a number in seconds, or a [vercel/ms string](https://github.com/vercel/ms).
- _ref:
path: templates/navigation_buttons.yaml
vars:
previous_page_title: Introduction
previous_page_id: introduction
next_page_title: Login and Logout
next_page_id: login-and-logout

67
packages/docs/users/protected-pages.yaml Normal file
View File

@ -0,0 +1,67 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/general.yaml.njk
vars:
pageId: protected-pages
pageTitle: Protected pages
section: User Authentication
filePath: concepts/protected-pages.yaml
content:
- id: introduction
type: MarkdownWithCode
properties:
content: |
By default, all the pages in a Lowdefy app are public. Protected pages are pages that can only be accessed by a logged in user. If a user that is not logged in tries to access a protected page, the user will be redirected to the 404 page. Pages that a user is not allowed to see will be filtered from the app menus.
The config can either be set to protect all pages, except for a list of public pages, or vise-versa, all pages are public except for a a list of protected pages.
Protected and public pages can be configured at the path `config.auth.pages` in the Lowdefy configuration. Here the fields `protected` and `public` fields can be set to true, or a list of pageIds. You cannot set `protected` or `public` to `false`, and both can't be an array or `true`.
When protecting all pages in the app, you will need to set at least one as public, to allow users to log in to the app.
#### Examples
###### List specific public pages:
```yaml
lowdefy: 3.14.1
config:
auth:
pages:
protected: true
public:
- '404'
- login
- public-page
````
###### List specific protected pages:
```yaml
lowdefy: 3.14.1
config:
auth:
pages:
public: true
protected:
- admin
- users
````
- _ref:
path: templates/navigation_buttons.yaml
vars:
previous_page_title: Login and Logout
previous_page_id: login-and-logout
next_page_title: User object
next_page_id: user-object

71
packages/docs/users/roles.yaml Normal file
View File

@ -0,0 +1,71 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/general.yaml.njk
vars:
pageId: roles
pageTitle: Roles
section: User Authentication
filePath: concepts/roles.yaml
content:
- id: introduction
type: MarkdownWithCode
properties:
content: |
Roles can be used to limit user access to certain pages. Only users with the role will be able to see the page, and the page will be filtered from menus if the user does not have the role.
Roles can be read from a custom claim on the OpenID Connect `idToken`. This should be an array of strings which are the role names. This needs to be configured at the OpenID Connect provider. The field that contains the roles array is configured in the `config.auth.openId` field in the Lowdefy configuration.
```yaml
lowdefy: 3.14.1
config:
auth:
openId:
# Field in the user idToken that contains the roles array.
rolesField: [string]
```
The pages that are protected by roles are configured in the `config.auth.roles` field in the Lowdefy configuration. This should be an object, where the keys are the role names, and the values are an array of pageIds that are protected by that role.
#### Examples
###### Protect pages using roles:
```yaml
lowdefy: 3.14.1
config:
auth:
openId:
rolesField: custom_roles
roles:
user-admin:
- users
- new-user
- edit-user
sales:
- customers
- new-customer
- edit-customer
reports:
- sales-report
- operations-report
````
# - _ref:
# path: templates/navigation_buttons.yaml
# vars:
# previous_page_title: User object
# previous_page_id: user-object
# next_page_title: Provider configuration
# next_page_id: openid-provider-configuration

73
packages/docs/users/user-object.yaml Normal file
View File

@ -0,0 +1,73 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/general.yaml.njk
vars:
pageId: user-object
pageTitle: User object
section: User Authentication
filePath: concepts/user-object.yaml
content:
- id: introduction
type: MarkdownWithCode
properties:
content: |
The `user` object contains all the claims on the OpenID Connect idToken, except for `aud`, `exp`, `iat`, and `iss`.
The following claims might be included:
- `sub`: The user id (Subject).
- `email`
- `name`
- `given_name`
- `family_name`
- `picture`: A url to the user's profile picture.
- `updated_at`
- `email_verified`
The user object can be accessed using the [`_user`](/_user) operator.
#### Examples
###### Use the user profile picture in a Avatar block:
```yaml
id: avatar
type: Avatar
properties:
src:
_user: picture
````
###### Insert user name and id (sub) when inserting a document in MongoDB:
```yaml
id: insert_data
type: MongoDBInsertOne
properties:
doc:
field:
_state: field
inserted_by:
name:
_user: name
id:
_user: sub
````
- _ref:
path: templates/navigation_buttons.yaml
vars:
previous_page_title: Protected pages
previous_page_id: protected-pages
next_page_title: Roles
next_page_id: roles

80
packages/docs/users/users-introduction.yaml Normal file
View File

@ -0,0 +1,80 @@
# Copyright 2020-2021 Lowdefy, Inc
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_ref:
path: templates/general.yaml.njk
vars:
pageId: users-introduction
pageTitle: Introduction
section: User Authentication
filePath: concepts/users-introduction.yaml
content:
- id: introduction
type: Markdown
properties:
content: |
To add user authentication and authorization to a Lowdefy app, you need to do the following:
- Configure an OpenID Connect provider
- Configure which pages should be public and protected (only available to logged in users).
- Add the `Login` and `Logout` actions to your app, to allow users to log in and out.
Optionally, you can also:
- Use role based authorization to make certain pages available only to users with the correct roles.
An example app implementing OpenID Connect can be found [here](https://github.com/lowdefy/lowdefy-example-openid-connect).
- id: jwt_session_warning
type: Alert
properties:
type: warning
icon: WarningFilled
message: Stateful JSON Web Tokens are used for authentication
description: Lowdefy uses stateful JSON Web Tokens for user authentication, since the Lowdefy server is stateless and does not maintain a database of user sessions. This means that once a token is issued, it is valid until the token expires. Any changes to the user's access will only reflect after the token has expired, and the user obtains (or fails to obtain) a new token from the OpenID Connect provider. We recommend making sure tokens have a relatively short expiry time (the default is 4 hours), and evaluating if the security provided by this system is appropriate for your use case.
- id: auth_config
type: MarkdownWithCode
properties:
content: |
Most authorization and authentication settings are configured in the `config.auth` object in the Lowdefy configuration. The following config can be set:
```yaml
lowdefy: 3.14.1
config:
auth:
openId:
# The url the user should be redirected to after logout.
logoutRedirectUri: [string]
# Field in the user idToken that contains the roles array.
rolesField: [string]
# The OpenID Connect scope to request. The default is 'openid profile email'.
scope: [string]
jwt:
# The length of time a user token should be valid.
expiresIn: [string | number]
pages:
# Either set all pages as protected, or list specific protected pages.
protected: [boolean | string[]]
# Either set all pages as public, or list specific public pages.
public: [boolean | string[]]
roles:
# Restrict pages to only users with a certain role.
{roleName}: string[]
```
- _ref:
path: templates/navigation_buttons.yaml
vars:
previous_page_title: Overview
previous_page_id: overview
next_page_title: OpenID Connect
next_page_id: openid-connect