diff --git a/web/versioned_docs/version-0.13.11/advanced/accessing-app-config.md b/web/versioned_docs/version-0.13.11/advanced/accessing-app-config.md new file mode 100644 index 0000000000..1a79ab327e --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/accessing-app-config.md @@ -0,0 +1,60 @@ +--- +title: Accessing the configuration +--- + +Whenever you start a Wasp app, you are starting two processes. + - **The client process** - A React app that implements your app's frontend. + + During development, this is a dev server with hot reloading. In production, + it's a simple process that serves pre-built static files with environment variables + embedded during the build (details depend on [how you deploy + it](/docs/advanced/deployment/overview)). + + - **The server process** - An Express server that implements your app's backend. + + During development, this is an Express server controlled by a + [`nodemon`](https://www.npmjs.com/package/nodemon) process that takes care of + hot reloading and restarts. In production, it's a regular Express server run + using Node. + +Check [the introduction](/docs) for a more in-depth explanation of Wasp's runtime architecture. + +You can configure both processes through environment variables. See [the +deployment instructions](/docs/advanced/deployment/manually#environment-variables) for a full list +of supported variables. + +Wasp gives you runtime access to the processes' configurations through **configuration objects**. + +## Server configuration object + +The server configuration object contains these fields: + +- `frontendUrl: String` - Set it with env var `WASP_WEB_CLIENT_URL`. + + The URL of your client (the app's frontend).
+ Wasp automatically sets it during development when you run `wasp start`.
+ In production, you should set it to your client's URL as the server sees it + (i.e., with the DNS and proxies considered). + +You can access it like this: +```js +import { config } from 'wasp/server' + +console.log(config.frontendUrl) +``` + +## Client configuration object +The client configuration object contains these fields: +- `apiUrl: String` - Set it with env var `REACT_APP_API_URL` + + The URL of your server (the app's backend).
+ Wasp automatically sets it during development when you run `wasp start`.
+ In production, it should contain the value of your server's URL as the user's browser + sees it (i.e., with the DNS and proxies considered). + +You can access it like this: +```js +import { config } from 'wasp/client' + +console.log(config.apiUrl) +``` diff --git a/web/versioned_docs/version-0.13.11/advanced/apis.md b/web/versioned_docs/version-0.13.11/advanced/apis.md new file mode 100644 index 0000000000..4468829404 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/apis.md @@ -0,0 +1,343 @@ +--- +title: Custom HTTP API Endpoints +--- + +import { ShowForTs, ShowForJs } from '@site/src/components/TsJsHelpers' +import { Required } from '@site/src/components/Tag' + +In Wasp, the default client-server interaction mechanism is through [Operations](../data-model/operations/overview). However, if you need a specific URL method/path, or a specific response, Operations may not be suitable for you. For these cases, you can use an `api`. Best of all, they should look and feel very familiar. + +## How to Create an API + +APIs are used to tie a JS function to a certain endpoint e.g. `POST /something/special`. They are distinct from Operations and have no client-side helpers (like `useQuery`). + +To create a Wasp API, you must: + +1. Declare the API in Wasp using the `api` declaration +2. Define the API's NodeJS implementation + +After completing these two steps, you'll be able to call the API from the client code (via our `Axios` wrapper), or from the outside world. + +### Declaring the API in Wasp + +First, we need to declare the API in the Wasp file and you can easily do this with the `api` declaration: + + + + +```wasp title="main.wasp" +// ... + +api fooBar { // APIs and their implementations don't need to (but can) have the same name. + fn: import { fooBar } from "@src/apis", + httpRoute: (GET, "/foo/bar") +} +``` + + + +```wasp title="main.wasp" +// ... + +api fooBar { // APIs and their implementations don't need to (but can) have the same name. + fn: import { fooBar } from "@src/apis", + httpRoute: (GET, "/foo/bar") +} +``` + + + +Read more about the supported fields in the [API Reference](#api-reference). + + +### Defining the API's NodeJS Implementation + + + +:::note +To make sure the Wasp compiler generates the types for APIs for use in the NodeJS implementation, you should add your `api` declarations to your `.wasp` file first _and_ keep the `wasp start` command running. +::: + + +After you defined the API, it should be implemented as a NodeJS function that takes three arguments: + +1. `req`: Express Request object +2. `res`: Express Response object +3. `context`: An additional context object **injected into the API by Wasp**. This object contains user session information, as well as information about entities. The examples here won't use the context for simplicity purposes. You can read more about it in the [section about using entities in APIs](#using-entities-in-apis). + + + + +```ts title="src/apis.js" +export const fooBar = (req, res, context) => { + res.set("Access-Control-Allow-Origin", "*"); // Example of modifying headers to override Wasp default CORS middleware. + res.json({ msg: `Hello, ${context.user ? "registered user" : "stranger"}!` }); +}; +``` + + + + +```ts title="src/apis.ts" +import { FooBar } from "wasp/server/api"; // This type is generated by Wasp based on the `api` declaration above. + +export const fooBar: FooBar = (req, res, context) => { + res.set("Access-Control-Allow-Origin", "*"); // Example of modifying headers to override Wasp default CORS middleware. + res.json({ msg: `Hello, ${context.user ? "registered user" : "stranger"}!` }); +}; +``` + + + + + + +#### Providing Extra Type Information + +We'll see how we can provide extra type information to an API function. + +Let's say you wanted to create some `GET` route that would take an email address as a param, and provide them the answer to "Life, the Universe and Everything." πŸ˜€ What would this look like in TypeScript? + +Define the API in Wasp: + +```wasp title="main.wasp" +api fooBar { + fn: import { fooBar } from "@src/apis", + entities: [Task], + httpRoute: (GET, "/foo/bar/:email") +} +``` + +We can use the `FooBar` type to which we'll provide the generic **params** and **response** types, which then gives us full type safety in the implementation. + +```ts title="src/apis.ts" +import { FooBar } from "wasp/server/api"; + +export const fooBar: FooBar< + { email: string }, // params + { answer: number } // response +> = (req, res, _context) => { + console.log(req.params.email); + res.json({ answer: 42 }); +}; +``` + + + +## Using the API + +### Using the API externally + +To use the API externally, you simply call the endpoint using the method and path you used. + +For example, if your app is running at `https://example.com` then from the above you could issue a `GET` to `https://example/com/foo/callback` (in your browser, Postman, `curl`, another web service, etc.). + +### Using the API from the Client + +To use the API from your client, including with auth support, you can import the Axios wrapper from `wasp/client/api` and invoke a call. For example: + + + + +```jsx title="src/pages/SomePage.jsx" +import React, { useEffect } from "react"; +import { api } from "wasp/client/api"; + +async function fetchCustomRoute() { + const res = await api.get("/foo/bar"); + console.log(res.data); +} + +export const Foo = () => { + useEffect(() => { + fetchCustomRoute(); + }, []); + + return <>// ...; +}; +``` + + + +```tsx title="src/pages/SomePage.tsx" +import React, { useEffect } from "react"; +import { api } from "wasp/client/api"; + +async function fetchCustomRoute() { + const res = await api.get("/foo/bar"); + console.log(res.data); +} + +export const Foo = () => { + useEffect(() => { + fetchCustomRoute(); + }, []); + + return <>// ...; +}; +``` + + + +#### Making Sure CORS Works + +APIs are designed to be as flexible as possible, hence they don't utilize the default middleware like Operations do. As a result, to use these APIs on the client side, you must ensure that CORS (Cross-Origin Resource Sharing) is enabled. + +You can do this by defining custom middleware for your APIs in the Wasp file. + + + + +For example, an `apiNamespace` is a simple declaration used to apply some `middlewareConfigFn` to all APIs under some specific path: + +```wasp title="main.wasp" +apiNamespace fooBar { + middlewareConfigFn: import { fooBarNamespaceMiddlewareFn } from "@src/apis", + path: "/foo" +} +``` + +And then in the implementation file: + +```js title="src/apis.js" +export const apiMiddleware = (config) => { + return config; +}; +``` + + + + +For example, an `apiNamespace` is a simple declaration used to apply some `middlewareConfigFn` to all APIs under some specific path: + +```wasp title="main.wasp" +apiNamespace fooBar { + middlewareConfigFn: import { fooBarNamespaceMiddlewareFn } from "@src/apis", + path: "/foo" +} +``` + +And then in the implementation file (returning the default config): + +```ts title="src/apis.ts" +import { MiddlewareConfigFn } from "wasp/server"; +export const apiMiddleware: MiddlewareConfigFn = (config) => { + return config; +}; +``` + + + + +We are returning the default middleware which enables CORS for all APIs under the `/foo` path. + +For more information about middleware configuration, please see: [Middleware Configuration](../advanced/middleware-config) + +## Using Entities in APIs + +In many cases, resources used in APIs will be [Entities](../data-model/entities.md). +To use an Entity in your API, add it to the `api` declaration in Wasp: + + + + +```wasp {3} title="main.wasp" +api fooBar { + fn: import { fooBar } from "@src/apis", + entities: [Task], + httpRoute: (GET, "/foo/bar") +} +``` + + + +```wasp {3} title="main.wasp" +api fooBar { + fn: import { fooBar } from "@src/apis", + entities: [Task], + httpRoute: (GET, "/foo/bar") +} +``` + + + +Wasp will inject the specified Entity into the APIs `context` argument, giving you access to the Entity's Prisma API: + + + + +```ts title="src/apis.js" +export const fooBar = (req, res, context) => { + res.json({ count: await context.entities.Task.count() }); +}; +``` + + + + +```ts title="src/apis.ts" +import { FooBar } from "wasp/server/api"; + +export const fooBar: FooBar = (req, res, context) => { + res.json({ count: await context.entities.Task.count() }); +}; +``` + + + + +The object `context.entities.Task` exposes `prisma.task` from [Prisma's CRUD API](https://www.prisma.io/docs/reference/tools-and-interfaces/prisma-client/crud). + +## API Reference + + + + +```wasp title="main.wasp" +api fooBar { + fn: import { fooBar } from "@src/apis", + httpRoute: (GET, "/foo/bar"), + entities: [Task], + auth: true, + middlewareConfigFn: import { apiMiddleware } from "@src/apis" +} +``` + + + +```wasp title="main.wasp" +api fooBar { + fn: import { fooBar } from "@src/apis", + httpRoute: (GET, "/foo/bar"), + entities: [Task], + auth: true, + middlewareConfigFn: import { apiMiddleware } from "@src/apis" +} +``` + + + +The `api` declaration has the following fields: + +- `fn: ExtImport` + + The import statement of the APIs NodeJs implementation. + +- `httpRoute: (HttpMethod, string)` + + The HTTP (method, path) pair, where the method can be one of: + + - `ALL`, `GET`, `POST`, `PUT` or `DELETE` + - and path is an Express path `string`. + +- `entities: [Entity]` + + A list of entities you wish to use inside your API. You can read more about it [here](#using-entities-in-apis). + +- `auth: bool` + + If auth is enabled, this will default to `true` and provide a `context.user` object. If you do not wish to attempt to parse the JWT in the Authorization Header, you should set this to `false`. + +- `middlewareConfigFn: ExtImport` + + The import statement to an Express middleware config function for this API. See more in [middleware section](../advanced/middleware-config) of the docs. diff --git a/web/versioned_docs/version-0.13.11/advanced/deployment/DeploymentOptionsGrid.css b/web/versioned_docs/version-0.13.11/advanced/deployment/DeploymentOptionsGrid.css new file mode 100644 index 0000000000..8c0f1cf0ce --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/deployment/DeploymentOptionsGrid.css @@ -0,0 +1,29 @@ +.deployment-methods-grid { + display: grid; + grid-template-columns: repeat(auto-fit, minmax(300px, 1fr)); + grid-gap: 0.5rem; + margin-bottom: 1rem; +} +.deployment-method-box { + display: flex; + flex-direction: column; + justify-content: center; + border: 1px solid var(--ifm-color-emphasis-300); + border-radius: var(--ifm-pagination-nav-border-radius); + padding: 1.5rem; + transition: all 0.1s ease-in-out; +} +.deployment-method-box:hover { + border-color: var(--ifm-pagination-nav-color-hover); +} +.deployment-method-box h3 { + margin: 0; + color: var(--ifm-link-color); +} +.deployment-method-box p { + margin: 0; + color: var(--ifm-color-secondary-contrast-foreground); +} +.deployment-methods-info { + color: var(--ifm-color-secondary-contrast-foreground); +} diff --git a/web/versioned_docs/version-0.13.11/advanced/deployment/DeploymentOptionsGrid.tsx b/web/versioned_docs/version-0.13.11/advanced/deployment/DeploymentOptionsGrid.tsx new file mode 100644 index 0000000000..e29452acfe --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/deployment/DeploymentOptionsGrid.tsx @@ -0,0 +1,50 @@ +import React from 'react' +import './DeploymentOptionsGrid.css' + +export function DeploymentOptionsGrid() { + const deploymentMethods = [ + { + title: 'Using Wasp CLI', + description: 'One command deployment & redeployment', + linkToDocs: '/docs/advanced/deployment/cli', + }, + { + title: 'Deploying Manually', + description: 'Build the app and deploy it manually', + linkToDocs: '/docs/advanced/deployment/manually', + }, + ] + return ( + <> +
+ {deploymentMethods.map((deploymentMethod) => ( + + ))} +
+

+ Click on each deployment method for more details. +

+ + ) +} + +function DeploymentOptionBox({ + linkToDocs, + title, + description, +}: { + linkToDocs: string + title: string + description: string +}) { + return ( + +

{title} Β»

+

{description}

+ + ) +} diff --git a/web/versioned_docs/version-0.13.11/advanced/deployment/_addExternalAuthEnvVarsReminder.md b/web/versioned_docs/version-0.13.11/advanced/deployment/_addExternalAuthEnvVarsReminder.md new file mode 100644 index 0000000000..29c532d974 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/deployment/_addExternalAuthEnvVarsReminder.md @@ -0,0 +1,3 @@ +:::tip Using an external auth method? +If your app is using an external authentication method(s) supported by Wasp (such as [Google](../../auth/social-auth/google#4-adding-environment-variables) or [GitHub](../../auth/social-auth/github#4-adding-environment-variables)), make sure to additionally set the necessary environment variables specifically required by these method(s). +::: diff --git a/web/versioned_docs/version-0.13.11/advanced/deployment/_building-the-web-client.md b/web/versioned_docs/version-0.13.11/advanced/deployment/_building-the-web-client.md new file mode 100644 index 0000000000..cd49d1b191 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/deployment/_building-the-web-client.md @@ -0,0 +1,13 @@ +To build the web app, position yourself in `.wasp/build/web-app` directory: + +``` +cd .wasp/build/web-app +``` + +Run + +``` +npm install && REACT_APP_API_URL= npm run build +``` + +where `` is the URL of the Wasp server that you previously deployed. diff --git a/web/versioned_docs/version-0.13.11/advanced/deployment/cli.md b/web/versioned_docs/version-0.13.11/advanced/deployment/cli.md new file mode 100644 index 0000000000..822179d650 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/deployment/cli.md @@ -0,0 +1,253 @@ +--- +title: Deploying with the Wasp CLI +--- + +import { Required } from '@site/src/components/Tag'; + +Wasp CLI can deploy your full-stack application with only a single command. +The command automates the manual deployment process and is the recommended way of deploying Wasp apps. + +## Supported Providers + +Wasp supports automated deployment to the following providers: + +- [Fly.io](#flyio) - they offer 5$ free credit each month +- Railway (coming soon, track it here [#1157](https://github.com/wasp-lang/wasp/pull/1157)) + +## Fly.io + +### Prerequisites + +Fly provides [free allowances](https://fly.io/docs/about/pricing/#plans) for up to 3 VMs (so deploying a Wasp app to a new account is free), but all plans require you to add your credit card information before you can proceed. If you don't, the deployment will fail. + +You can add the required credit card information on the [account's billing page](https://fly.io/dashboard/personal/billing). + +:::info Fly.io CLI +You will need the [`flyctl` CLI](https://fly.io/docs/hands-on/install-flyctl/) installed on your machine before you can deploy to Fly.io. +::: + +### Deploying + +Using the Wasp CLI, you can easily deploy a new app to [Fly.io](https://fly.io) with just a single command: + +```shell +wasp deploy fly launch my-wasp-app mia +``` + +:::caution Specifying Org +If your account is a member of more than one organization on Fly.io, you will need to specify under which one you want to execute the command. To do that, provide an additional `--org ` option. You can find out the names(slugs) of your organizations by running `fly orgs list`. +::: + + + +Please do not CTRL-C or exit your terminal while the commands are running. + + +Under the covers, this runs the equivalent of the following commands: + +```shell +wasp deploy fly setup my-wasp-app mia +wasp deploy fly create-db mia +wasp deploy fly deploy +``` + +The commands above use the app basename `my-wasp-app` and deploy it to the _Miami, Florida (US) region_ (called `mia`). Read more about Fly.io regions [here](#flyio-regions). + +:::caution Unique Name +Your app name must be unique across all of Fly or deployment will fail. +::: + +The basename is used to create all three app tiers, resulting in three separate apps in your Fly dashboard: + +- `my-wasp-app-client` +- `my-wasp-app-server` +- `my-wasp-app-db` + +You'll notice that Wasp creates two new files in your project root directory: +- `fly-server.toml` +- `fly-client.toml` + +You should include these files in your version control so that you can deploy your app with a single command in the future. + +### Using a Custom Domain For Your App + +Setting up a custom domain is a three-step process: + +1. You need to add your domain to your Fly client app. You can do this by running: + +```shell +wasp deploy fly cmd --context client certs create mycoolapp.com +``` + +:::note Use Your Domain +Make sure to replace `mycoolapp.com` with your domain in all of the commands mentioned in this section. +::: + +This command will output the instructions to add the DNS records to your domain. It will look something like this: + +```shell-session +You can direct traffic to mycoolapp.com by: + +1: Adding an A record to your DNS service which reads + + A @ 66.241.1XX.154 + +You can validate your ownership of mycoolapp.com by: + +2: Adding an AAAA record to your DNS service which reads: + + AAAA @ 2a09:82XX:1::1:ff40 +``` + +2. You need to add the DNS records for your domain: + + _This will depend on your domain provider, but it should be a matter of adding an A record for `@` and an AAAA record for `@` with the values provided by the previous command._ + +3. You need to set your domain as the `WASP_WEB_CLIENT_URL` environment variable for your server app: + +```shell +wasp deploy fly cmd --context server secrets set WASP_WEB_CLIENT_URL=https://mycoolapp.com +``` + + + +We need to do this to keep our CORS configuration up to date. + + +That's it, your app should be available at `https://mycoolapp.com`! πŸŽ‰ + +## API Reference + +### `launch` + +`launch` is a convenience command that runs `setup`, `create-db`, and `deploy` in sequence. + +```shell +wasp deploy fly launch +``` + +It accepts the following arguments: + +- `` - the name of your app +- `` - the region where your app will be deployed + + Read how to find the available regions [here](#flyio-regions). + +It gives you the same result as running the following commands: + +```shell +wasp deploy fly setup +wasp deploy fly create-db +wasp deploy fly deploy +``` + +#### Environment Variables + +If you are deploying an app that requires any other environment variables (like social auth secrets), you can set them with the `--server-secret` option: + +``` +wasp deploy fly launch my-wasp-app mia --server-secret GOOGLE_CLIENT_ID=<...> --server-secret GOOGLE_CLIENT_SECRET=<...> +``` + +### `setup` + +`setup` will create your client and server apps on Fly, and add some secrets, but does _not_ deploy them. + +```shell +wasp deploy fly setup +``` + +It accepts the following arguments: + +- `` - the name of your app +- `` - the region where your app will be deployed + + Read how to find the available regions [here](#flyio-regions). + +After running `setup`, Wasp creates two new files in your project root directory: `fly-server.toml` and `fly-client.toml`. +You should include these files in your version control. + +You **can edit the `fly-server.toml` and `fly-client.toml` files** to further configure your Fly deployments. Wasp will use the TOML files when you run `deploy`. + +If you want to maintain multiple apps, you can add the `--fly-toml-dir ` option to point to different directories, like "dev" or "staging". + +:::caution Execute Only Once +You should only run `setup` once per app. If you run it multiple times, it will create unnecessary apps on Fly. +::: + +### `create-db` + +`create-db` will create a new database for your app. + +```shell +wasp deploy fly create-db +``` + +It accepts the following arguments: + +- `` - the region where your app will be deployed + + Read how to find the available regions [here](#flyio-regions). + +:::caution Execute Only Once +You should only run `create-db` once per app. If you run it multiple times, it will create multiple databases, but your app needs only one. +::: + +### `deploy` + +```shell +wasp deploy fly deploy +``` + +`deploy` pushes your client and server live. + +Run this command whenever you want to **update your deployed app** with the latest changes: + +```shell +wasp deploy fly deploy +``` + +### `cmd` + +If want to run arbitrary Fly commands (e.g. `flyctl secrets list` for your server app), here's how to do it: + +```shell +wasp deploy fly cmd secrets list --context server +``` + +### Fly.io Regions + +> Fly.io runs applications physically close to users: in datacenters around the world, on servers we run ourselves. You can currently deploy your apps in 34 regions, connected to a global Anycast network that makes sure your users hit our nearest server, whether they’re in Tokyo, SΓ£o Paolo, or Frankfurt. + + + +Read more on Fly regions [here](https://fly.io/docs/reference/regions/). + + +You can find the list of all available Fly regions by running: + +```shell +flyctl platform regions +``` + +#### Environment Variables + +If you are deploying an app that requires any other environment variables (like social auth secrets), you can set them with the `secrets set` command: + +``` +wasp deploy fly cmd secrets set GOOGLE_CLIENT_ID=<...> GOOGLE_CLIENT_SECRET=<...> --context=server +``` + +### Multiple Fly Organizations + +If you have multiple organizations, you can specify a `--org` option. For example: + +```shell +wasp deploy fly launch my-wasp-app mia --org hive +``` + +### Building Locally + +Fly.io offers support for both **locally** built Docker containers and **remotely** built ones. However, for simplicity and reproducibility, the CLI defaults to the use of a remote Fly.io builder. + +If you want to build locally, supply the `--build-locally` option to `wasp deploy fly launch` or `wasp deploy fly deploy`. diff --git a/web/versioned_docs/version-0.13.11/advanced/deployment/manually.md b/web/versioned_docs/version-0.13.11/advanced/deployment/manually.md new file mode 100644 index 0000000000..42311ab4ac --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/deployment/manually.md @@ -0,0 +1,586 @@ +--- +title: Deploying Manually +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; +import AddExternalAuthEnvVarsReminder from './\_addExternalAuthEnvVarsReminder.md' +import BuildingTheWebClient from './\_building-the-web-client.md' +import { Required } from '@site/src/components/Tag' + +This document explains how to build and prepare your Wasp app for deployment. +You can then deploy the built Wasp app wherever and however you want, as long as your provider/server +supports Wasp's build format. + +After going through the general steps that apply to all deployments, you can +follow step-by-step guides for deploying your Wasp app to the most popular +providers: + +- [Fly.io](#flyio) +- [Netlify](#netlify) +- [Railway](#railway) +- [Heroku](#heroku) + +No worries, you can still deploy your app if your desired provider isn't on the +list - it just means we don't yet have a step-by-step guide for you to follow. +Feel free to [open a +PR](https://github.com/wasp-lang/wasp/edit/release/web/docs/advanced/deployment/manually.md) +if you'd like to write one yourself :) + + +## Deploying a Wasp App + +Deploying a Wasp app comes down to the following: + +1. Generating deployable code. +1. Deploying the API server (backend). +1. Deploying the web client (frontend). +1. Deploying a PostgreSQL database and keeping it running. + +Let's go through each of these steps. + +### 1. Generating Deployable Code + +Running the command `wasp build` generates deployable code for the whole app in the `.wasp/build/` directory. + +``` +wasp build +``` + +:::caution PostgreSQL in production +You won't be able to build the app if you are using SQLite as a database (which is the default database). +You'll have to [switch to PostgreSQL](../../data-model/backends#migrating-from-sqlite-to-postgresql) before deploying to production. +::: + +### 2. Deploying the API Server (backend) + +There's a Dockerfile that defines an image for building the server in the `.wasp/build` directory. + +To run the server in production, deploy this Docker image to a hosting provider and ensure the required environment variables on the provider are correctly set up (the mechanism of setting these up is specific per provider). +All necessary environment variables are listed in the next section. + +#### Environment Variables + +Here are the environment variables your server will be looking for: + +- `DATABASE_URL` + + The URL of the PostgreSQL database you want your app to use (e.g., `postgresql://mydbuser:mypass@localhost:5432/nameofmydb`). + +- `WASP_WEB_CLIENT_URL` + + The URL where you plan to deploy your frontend app is running (e.g., `https://.netlify.app`). + The server needs to know about it to properly configure Same-Origin Policy (CORS) headers. + +- `WASP_SERVER_URL` + + The URL where the server is running (e.g., `https://.fly.dev`). + The server needs it to properly redirect users when logging in with OAuth providers like Google or GitHub. + +- `JWT_SECRET` ( if using Wasp Auth) + + You only need this environment variable if you're using Wasp's `auth` features. + Set it to a random string at least 32 characters long (you can use an [online generator](https://djecrety.ir/)). + +- `PORT` + + The server's HTTP port number. This is where the server listens for requests (default: `3001`). + + + + +While these are the general instructions on deploying the server anywhere, we also have more detailed instructions for chosen providers below, so check that out for more guidance if you are deploying to one of those providers. + +### 3. Deploying the Web Client (frontend) + + + +The command above will build the web client and put it in the `build/` directory in the `web-app` directory. + +Since the app's frontend is just a bunch of static files, you can deploy it to any static hosting provider. + +### 4. Deploying the Database + +Any PostgreSQL database will do, as long as you provide the server with the correct `DATABASE_URL` env var and ensure that the database is accessible from the server. + +## Different Providers + +We'll cover a few different deployment providers below: + +- Fly.io (server and database) +- Netlify (client) +- Railway (server, client and database) +- Heroku (server and database) + +## Fly.io (server and database) + +We will show how to deploy the server and provision a database for it on Fly.io. + +:::tip We automated this process for you +If you want to do all of the work below with one command, you can use the [Wasp CLI](../../advanced/deployment/cli#flyio). + +Wasp CLI deploys the server, deploys the client, and sets up a database. +It also gives you a way to redeploy (update) your app with a single command. +::: + +Fly.io offers a variety of free services that are perfect for deploying your first Wasp app! You will need a Fly.io account and the [`flyctl` CLI](https://fly.io/docs/hands-on/install-flyctl/). + +:::note +Fly.io offers support for both locally built Docker containers and remotely built ones. However, for simplicity and reproducibility, we will default to the use of a remote Fly.io builder. + +Additionally, `fly` is a symlink for `flyctl` on most systems and they can be used interchangeably. +::: + +Make sure you are logged in with `flyctl` CLI. You can check if you are logged in with `flyctl auth whoami`, and if you are not, you can log in with `flyctl auth login`. + +### Set Up a Fly.io App + +:::info +You need to do this only once per Wasp app. +::: + +Unless you already have a Fly.io app that you want to deploy to, let's create a new Fly.io app. + +After you have [built the app](#1-generating-deployable-code), position yourself in `.wasp/build/` directory: + +```shell +cd .wasp/build +``` + +Next, run the launch command to set up a new app and create a `fly.toml` file: + +```bash +flyctl launch --remote-only +``` + +This will ask you a series of questions, such as asking you to choose a region and whether you'd like a database. + +- Say **yes** to **Would you like to set up a PostgreSQL database now?** and select **Development**. Fly.io will set a `DATABASE_URL` for you. +- Say **no** to **Would you like to deploy now?** (and to any additional questions). + + We still need to set up several environment variables. + +:::info What if the database setup fails? +If your attempts to initiate a new app fail for whatever reason, then you should run `flyctl apps destroy ` before trying again. Fly does not allow you to create multiple apps with the same name. + +
+ + What does it look like when your DB is deployed correctly? + +
+

When your DB is deployed correctly, you'll see it in the Fly.io dashboard:

+ image +
+
+::: + +Next, let's copy the `fly.toml` file up to our Wasp project dir for safekeeping. +```shell +cp fly.toml ../../ +``` + +Next, let's add a few more environment variables: + +```bash +flyctl secrets set PORT=8080 +flyctl secrets set JWT_SECRET= +flyctl secrets set WASP_WEB_CLIENT_URL= +flyctl secrets set WASP_SERVER_URL= +``` + +:::note +If you do not know what your client URL is yet, don't worry. You can set `WASP_WEB_CLIENT_URL` after you deploy your client. +::: + + + +If you want to make sure you've added your secrets correctly, run `flyctl secrets list` in the terminal. Note that you will see hashed versions of your secrets to protect your sensitive data. + +### Deploy to a Fly.io App + +While still in the `.wasp/build/` directory, run: + +```bash +flyctl deploy --remote-only --config ../../fly.toml +``` + +This will build and deploy the backend of your Wasp app on Fly.io to `https://.fly.dev` 🀘🎸 + +Now, if you haven't, you can deploy your client and add the client URL by running `flyctl secrets set WASP_WEB_CLIENT_URL=`. We suggest using [Netlify](#netlify) for your client, but you can use any static hosting provider. + +Additionally, some useful `flyctl` commands: + +```bash +flyctl logs +flyctl secrets list +flyctl ssh console +``` + +### Redeploying After Wasp Builds + +When you rebuild your Wasp app (with `wasp build`), it will remove your `.wasp/build/` directory. In there, you may have a `fly.toml` from any prior Fly.io deployments. + +While we will improve this process in the future, in the meantime, you have a few options: + +1. Copy the `fly.toml` file to a versioned directory, like your Wasp project dir. + + From there, you can reference it in `flyctl deploy --config ` commands, like above. + +1. Backup the `fly.toml` file somewhere before running `wasp build`, and copy it into .wasp/build/ after. + + When the `fly.toml` file exists in .wasp/build/ dir, you do not need to specify the `--config `. + +1. Run `flyctl config save -a ` to regenerate the `fly.toml` file from the remote state stored in Fly.io. + +## Netlify (client) + +We'll show how to deploy the client on Netlify. + +Netlify is a static hosting solution that is free for many use cases. You will need a Netlify account and [Netlify CLI](https://docs.netlify.com/cli/get-started/) installed to follow these instructions. + +Make sure you are logged in with Netlify CLI. You can check if you are logged in with `netlify status`, and if you are not, you can log in with `netlify login`. + +First, make sure you have [built the Wasp app](#1-generating-deployable-code). We'll build the client web app next. + + + +We can now deploy the client with: + +```shell +netlify deploy +``` + + + +Carefully follow the instructions i.e. do you want to create a new app or use an existing one, the team under which your app will reside etc. + + + +The final step is to run: + +```shell +netlify deploy --prod` +``` + +That is it! Your client should be live at `https://.netlify.app` ✨ + +:::note +Make sure you set this URL as the `WASP_WEB_CLIENT_URL` environment variable in your server hosting environment (e.g., Fly.io or Heroku). +::: + +## Railway (server, client and database) + +We will show how to deploy the client, the server, and provision a database on Railway. + +Railway is a simple and great way to host your server and database. It's also possible to deploy your entire app: database, server, and client. You can use the platform for free for a limited time, or if you meet certain eligibility requirements. See their [plans page](https://docs.railway.app/reference/plans) for more info. + +### Prerequisites + +To get started, follow these steps: + +1. Make sure your Wasp app is built by running `wasp build` in the project dir. +2. Create a [Railway](https://railway.app/) account + + :::tip Free Tier + Sign up with your GitHub account to be eligible for the free tier + ::: + +3. Install the [Railway CLI](https://docs.railway.app/develop/cli#installation) +4. Run `railway login` and a browser tab will open to authenticate you. + +### Create New Project + +Let's create our Railway project: + +1. Go to your [Railway dashboard](https://railway.app/dashboard), click on **New Project**, and select `Provision PostgreSQL` from the dropdown menu. +2. Once it initializes, right-click on the **New** button in the top right corner and select **Empty Service**. +3. Once it initializes, click on it, go to **Settings > General** and change the name to `server` +4. Go ahead and create another empty service and name it `client` + +![Changing the name](/img/deploying/railway-rename.png) + +### Deploy Your App to Railway + +#### Setup Domains + +We'll need the domains for both the `server` and `client` services: + +1. Go to the `server` instance's `Settings` tab, and click `Generate Domain`. +2. Do the same under the `client`'s `Settings`. + +Copy the domains as we will need them later. + +#### Deploying the Server + +Let's deploy our server first: + +1. Move into your app's `.wasp/build/` directory: + + ```shell + cd .wasp/build + ``` + +2. Link your app build to your newly created Railway project: + + ```shell + railway link + ``` + +3. Go into the Railway dashboard and set up the required env variables: + + Open the `Settings` and go to the `Variables` tab: + + - click **Variable reference** and select `DATABASE_URL` (it will populate it with the correct value) + - add `WASP_WEB_CLIENT_URL` - enter the `client` domain (e.g. `https://client-production-XXXX.up.railway.app`) + - add `WASP_SERVER_URL` - enter the `server` domain (e.g. `https://server-production-XXXX.up.railway.app`) + - add `JWT_SECRET` - enter a random string at least 32 characters long (use an [online generator](https://djecrety.ir/)) + + + +4. Push and deploy the project: + +```shell +railway up +``` + +Select `server` when prompted with `Select Service`. + +Railway will now locate the Dockerfile and deploy your server πŸ‘ + +#### Deploying the Client + +1. Next, change into your app's frontend build directory `.wasp/build/web-app`: + + ```shell + cd web-app + ``` + +2. Create the production build, using the `server` domain as the `REACT_APP_API_URL`: + + ```shell + npm install && REACT_APP_API_URL= npm run build + ``` + +3. Next, we want to link this specific frontend directory to our project as well: + + ```shell + railway link + ``` + +4. We need to configure Railway's static hosting for our client. + + :::info Setting Up Static Hosting + + Copy the `build` folder within the `web-app` directory to `dist`: + + ```shell + cp -r build dist + ``` + + We'll need to create the following files: + + - `Dockerfile` with: + + ```Dockerfile title="Dockerfile" + FROM pierrezemb/gostatic + CMD [ "-fallback", "index.html" ] + COPY ./dist/ /srv/http/ + ``` + + - `.dockerignore` with: + ```bash title=".dockerignore" + node_modules/ + ``` + + You'll need to repeat these steps **each time** you run `wasp build` as it will remove the `.wasp/build/web-app` directory. + +
+ + Here's a useful shell script to do the process + + + If you want to automate the process, save the following as `deploy_client.sh` in the root of your project: + + ```bash title="deploy_client.sh" + #!/usr/bin/env bash + + if [ -z "$REACT_APP_API_URL" ] + then + echo "REACT_APP_API_URL is not set" + exit 1 + fi + + wasp build + cd .wasp/build/web-app + + npm install && REACT_APP_API_URL=$REACT_APP_API_URL npm run build + + cp -r build dist + + dockerfile_contents=$(cat < Dockerfile + echo "$dockerignore_contents" > .dockerignore + + railway up + ``` + + Make it executable with: + + ```shell + chmod +x deploy_client.sh + ``` + + You can run it with: + + ```shell + REACT_APP_API_URL= ./deploy_client.sh + ``` + +
+ ::: + +5. Set the `PORT` environment variable to `8043` under the `Variables` tab. + +6. Deploy the client and select `client` when prompted with `Select Service`: + +```shell +railway up +``` + +#### Conclusion + +And now your Wasp should be deployed! 🐝 πŸš‚ πŸš€ + +Back in your [Railway dashboard](https://railway.app/dashboard), click on your project and you should see your newly deployed services: PostgreSQL, Server, and Client. + +### Updates & Redeploying + +When you make updates and need to redeploy: + +- run `wasp build` to rebuild your app +- run `railway up` in the `.wasp/build` directory (server) +- repeat all the steps in the `.wasp/build/web-app` directory (client) + +## Heroku (server and database) + +We will show how to deploy the server and provision a database for it on Heroku. + +:::note +Heroku used to offer free apps under certain limits. However, as of November 28, 2022, they ended support for their free tier. https://blog.heroku.com/next-chapter + +As such, we recommend using an alternative provider like [Fly.io](#flyio) for your first apps. +::: + +You will need Heroku account, `heroku` [CLI](https://devcenter.heroku.com/articles/heroku-cli) and `docker` CLI installed to follow these instructions. + +Make sure you are logged in with `heroku` CLI. You can check if you are logged in with `heroku whoami`, and if you are not, you can log in with `heroku login`. + +### Set Up a Heroku App + +:::info +You need to do this only once per Wasp app. +::: + +Unless you want to deploy to an existing Heroku app, let's create a new Heroku app: + +``` +heroku create +``` + +Unless you have an external PostgreSQL database that you want to use, let's create a new database on Heroku and attach it to our app: + +``` +heroku addons:create --app heroku-postgresql:mini +``` + +:::caution +Heroku does not offer a free plan anymore and `mini` is their cheapest database instance - it costs $5/mo. +::: + +Heroku will also set `DATABASE_URL` env var for us at this point. If you are using an external database, you will have to set it up yourself. + +The `PORT` env var will also be provided by Heroku, so the ones left to set are the `JWT_SECRET`, `WASP_WEB_CLIENT_URL` and `WASP_SERVER_URL` env vars: + +``` +heroku config:set --app JWT_SECRET= +heroku config:set --app WASP_WEB_CLIENT_URL= +heroku config:set --app WASP_SERVER_URL= +``` + +:::note +If you do not know what your client URL is yet, don't worry. You can set `WASP_WEB_CLIENT_URL` after you deploy your client. +::: + +### Deploy to a Heroku App + +After you have [built the app](#1-generating-deployable-code), position yourself in `.wasp/build/` directory: + +```shell +cd .wasp/build +``` + +assuming you were at the root of your Wasp project at that moment. + +Log in to Heroku Container Registry: + +```shell +heroku container:login +``` + +Build the docker image and push it to Heroku: + +```shell +heroku container:push --app web +``` + +App is still not deployed at this point. +This step might take some time, especially the very first time, since there are no cached docker layers. + +:::note Note for Apple Silicon Users +Apple Silicon users need to build a non-Arm image, so the above step will not work at this time. Instead of `heroku container:push`, users instead should: + +```shell +docker buildx build --platform linux/amd64 -t . +docker tag registry.heroku.com//web +docker push registry.heroku.com//web +``` + +You are now ready to proceed to the next step. +::: + +Deploy the pushed image and restart the app: + +```shell +heroku container:release --app web +``` + +This is it, the backend is deployed at `https://-XXXX.herokuapp.com` πŸŽ‰ + +Find out the exact app URL with: + +```shell +heroku info --app +``` + +Additionally, you can check out the logs with: + +```shell +heroku logs --tail --app +``` + +:::note Using `pg-boss` with Heroku + +If you wish to deploy an app leveraging [Jobs](../../advanced/jobs) that use `pg-boss` as the executor to Heroku, you need to set an additional environment variable called `PG_BOSS_NEW_OPTIONS` to `{"connectionString":"","ssl":{"rejectUnauthorized":false}}`. This is because pg-boss uses the `pg` extension, which does not seem to connect to Heroku over SSL by default, which Heroku requires. Additionally, Heroku uses a self-signed cert, so we must handle that as well. + +Read more: https://devcenter.heroku.com/articles/connecting-heroku-postgres#connecting-in-node-js +::: diff --git a/web/versioned_docs/version-0.13.11/advanced/deployment/overview.md b/web/versioned_docs/version-0.13.11/advanced/deployment/overview.md new file mode 100644 index 0000000000..4d1ac99110 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/deployment/overview.md @@ -0,0 +1,44 @@ +--- +title: Overview +--- + +import { DeploymentOptionsGrid } from './DeploymentOptionsGrid.tsx'; + +Wasp apps are full-stack apps that consist of: +- A Node.js server. +- A static client. +- A PostgreSQL database. + +You can deploy each part **anywhere** where you can usually deploy Node.js apps or static apps. For example, you can deploy your client on [Netlify](https://www.netlify.com/), the server on [Fly.io](https://fly.io/), and the database on [Neon](https://neon.tech/). + +To make deploying as smooth as possible, Wasp also offers a single-command deployment through the **Wasp CLI**. + + + +Regardless of how you choose to deploy your app (i.e., manually or using the Wasp CLI), you'll need to know about some common patterns covered below. + +## Customizing the Dockerfile +By default, Wasp generates a multi-stage Dockerfile. +This file is used to build and run a Docker image with the Wasp-generated server code. +It also runs any pending migrations. + +You can **add extra steps to this multi-stage `Dockerfile`** by creating your own `Dockerfile` in the project's root directory. +If Wasp finds a Dockerfile in the project's root, it appends its contents at the _bottom_ of the default multi-stage Dockerfile. + +Since the last definition in a Dockerfile wins, you can override or continue from any existing build stages. +You can also choose not to use any of our build stages and have your own custom Dockerfile used as-is. + +A few things to keep in mind: + +- If you override an intermediate build stage, no later build stages will be used unless you reproduce them below. +- The generated Dockerfile's content is dynamic and depends on which features your app uses. The content can also change in future releases, so please verify it from time to time. +- Make sure to supply `ENTRYPOINT` in your final build stage. Your changes won't have any effect if you don't. + +Read more in the official Docker docs on [multi-stage builds](https://docs.docker.com/build/building/multi-stage/). + +To see what your project's (potentially combined) Dockerfile will look like, run: +```shell +wasp dockerfile +``` + +Join our [Discord](https://discord.gg/rzdnErX) if you have any questions, or if you need more customization than this hook provides. diff --git a/web/versioned_docs/version-0.13.11/advanced/email/_dummy-provider-note.md b/web/versioned_docs/version-0.13.11/advanced/email/_dummy-provider-note.md new file mode 100644 index 0000000000..861476e6e9 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/email/_dummy-provider-note.md @@ -0,0 +1,4 @@ +:::note Dummy Provider is not for production use + +The `Dummy` provider is not for production use. It is only meant to be used during development. If you try building your app with the `Dummy` provider, the build will fail. +::: \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/advanced/email/email.md b/web/versioned_docs/version-0.13.11/advanced/email/email.md new file mode 100644 index 0000000000..d6288dc57c --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/email/email.md @@ -0,0 +1,401 @@ +--- +title: Sending Emails +--- + +import { Required } from '@site/src/components/Tag' +import { ShowForTs, ShowForJs } from '@site/src/components/TsJsHelpers' +import DummyProviderNote from './_dummy-provider-note.md' + +# Sending Emails + +With Wasp's email-sending feature, you can easily integrate email functionality into your web application. + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: , + defaultFrom: { + name: "Example", + email: "hello@itsme.com" + }, + } +} +``` + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: , + defaultFrom: { + name: "Example", + email: "hello@itsme.com" + }, + } +} +``` + + + + +Choose from one of the providers: + +- `Dummy` (development only), +- `Mailgun`, +- `SendGrid` +- or the good old `SMTP`. + +Optionally, define the `defaultFrom` field, so you don't need to provide it whenever sending an email. + +## Sending Emails + +Before jumping into details about setting up various providers, let's see how easy it is to send emails. + +You import the `emailSender` that is provided by the `wasp/server/email` module and call the `send` method on it. + + + + +```js title="src/actions/sendEmail.js" +import { emailSender } from "wasp/server/email"; + +// In some action handler... +const info = await emailSender.send({ + from: { + name: "John Doe", + email: "john@doe.com", + }, + to: "user@domain.com", + subject: "Saying hello", + text: "Hello world", + html: "Hello world", +}); +``` + + + + +```ts title="src/actions/sendEmail.ts" +import { emailSender } from "wasp/server/email"; + +// In some action handler... +const info = await emailSender.send({ + from: { + name: "John Doe", + email: "john@doe.com", + }, + to: "user@domain.com", + subject: "Saying hello", + text: "Hello world", + html: "Hello world", +}); +``` + + + + +Read more about the `send` method in the [API Reference](#javascript-api). + +The `send` method returns an object with the status of the sent email. It varies depending on the provider you use. + +## Providers + +We'll go over all of the available providers in the next section. For some of them, you'll need to set up some env variables. You can do that in the `.env.server` file. + +### Using the Dummy Provider + + + +To speed up development, Wasp offers a `Dummy` email sender that `console.log`s the emails in the console. Since it doesn't send emails for real, it doesn't require any setup. + +Set the provider to `Dummy` in your `main.wasp` file. + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: Dummy, + } +} +``` + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: Dummy, + } +} +``` + + + + +### Using the SMTP Provider + +First, set the provider to `SMTP` in your `main.wasp` file. + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: SMTP, + } +} +``` + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: SMTP, + } +} +``` + + + + +Then, add the following env variables to your `.env.server` file. + +```properties title=".env.server" +SMTP_HOST= +SMTP_USERNAME= +SMTP_PASSWORD= +SMTP_PORT= +``` + +Many transactional email providers (e.g. Mailgun, SendGrid but also others) can also use SMTP, so you can use them as well. + +### Using the Mailgun Provider + +Set the provider to `Mailgun` in the `main.wasp` file. + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: Mailgun, + } +} +``` + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: Mailgun, + } +} +``` + + + + +Then, get the Mailgun API key and domain and add them to your `.env.server` file. + +#### Getting the API Key and Domain + +1. Go to [Mailgun](https://www.mailgun.com/) and create an account. +2. Go to [API Keys](https://app.mailgun.com/app/account/security/api_keys) and create a new API key. +3. Copy the API key and add it to your `.env.server` file. +4. Go to [Domains](https://app.mailgun.com/app/domains) and create a new domain. +5. Copy the domain and add it to your `.env.server` file. + +```properties title=".env.server" +MAILGUN_API_KEY= +MAILGUN_DOMAIN= +``` + +### Using the SendGrid Provider + +Set the provider field to `SendGrid` in your `main.wasp` file. + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: SendGrid, + } +} +``` + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: SendGrid, + } +} +``` + + + + +Then, get the SendGrid API key and add it to your `.env.server` file. + +#### Getting the API Key + +1. Go to [SendGrid](https://sendgrid.com/) and create an account. +2. Go to [API Keys](https://app.sendgrid.com/settings/api_keys) and create a new API key. +3. Copy the API key and add it to your `.env.server` file. + +```properties title=".env.server" +SENDGRID_API_KEY= +``` + +## API Reference + +### `emailSender` dict + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: , + defaultFrom: { + name: "Example", + email: "hello@itsme.com" + }, + } +} +``` + + + + +```wasp title="main.wasp" +app Example { + ... + emailSender: { + provider: , + defaultFrom: { + name: "Example", + email: "hello@itsme.com" + }, + } +} +``` + + + + +The `emailSender` dict has the following fields: + +- `provider: Provider` + + The provider you want to use. Choose from `Dummy`, `SMTP`, `Mailgun` or `SendGrid`. + + + +- `defaultFrom: dict` + + The default sender's details. If you set this field, you don't need to provide the `from` field when sending an email. + +### JavaScript API + +Using the `emailSender` in TypescriptJavaScript: + + + +```js title="src/actions/sendEmail.js" +import { emailSender } from "wasp/server/email"; + +// In some action handler... +const info = await emailSender.send({ + from: { + name: "John Doe", + email: "john@doe.com", + }, + to: "user@domain.com", + subject: "Saying hello", + text: "Hello world", + html: "Hello world", +}); +``` + + + + +```ts title="src/actions/sendEmail.ts" +import { emailSender } from "wasp/server/email"; + +// In some action handler... +const info = await emailSender.send({ + from: { + name: "John Doe", + email: "john@doe.com", + }, + to: "user@domain.com", + subject: "Saying hello", + text: "Hello world", + html: "Hello world", +}); +``` + + + + +The `send` method accepts an object with the following fields: + +- `from: object` + + The sender's details. If you set up `defaultFrom` field in the `emailSender` dict in Wasp file, this field is optional. + + - `name: string` + + The name of the sender. + + - `email: string` + + The email address of the sender. + +- `to: string` + + The recipient's email address. + +- `subject: string` + + The subject of the email. + +- `text: string` + + The text version of the email. + +- `html: string` + + The HTML version of the email diff --git a/web/versioned_docs/version-0.13.11/advanced/jobs.md b/web/versioned_docs/version-0.13.11/advanced/jobs.md new file mode 100644 index 0000000000..666cebdb67 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/jobs.md @@ -0,0 +1,425 @@ +--- +title: Recurring Jobs +--- + +import { Required } from '@site/src/components/Tag' +import { ShowForTs, ShowForJs } from '@site/src/components/TsJsHelpers' + +In most web apps, users send requests to the server and receive responses with some data. When the server responds quickly, the app feels responsive and smooth. + +What if the server needs extra time to fully process the request? This might mean sending an email or making a slow HTTP request to an external API. In that case, it's a good idea to respond to the user as soon as possible and do the remaining work in the background. + +Wasp supports background jobs that can help you with this: + - Jobs persist between server restarts, + - Jobs can be retried if they fail, + - Jobs can be delayed until a future time, + - Jobs can have a recurring schedule. + +## Using Jobs + +### Job Definition and Usage + +Let's write an example Job that will print a message to the console and return a list of tasks from the database. + +1. Start by creating a Job declaration in your `.wasp` file: + + + + + ```wasp title="main.wasp" + job mySpecialJob { + executor: PgBoss, + perform: { + fn: import { foo } from "@src/workers/bar" + }, + entities: [Task], + } + ``` + + + + ```wasp title="main.wasp" + job mySpecialJob { + executor: PgBoss, + perform: { + fn: import { foo } from "@src/workers/bar" + }, + entities: [Task], + } + ``` + + + +2. After declaring the Job, implement its worker function: + + + + + ```js title="src/workers/bar.js" + export const foo = async ({ name }, context) => { + console.log(`Hello ${name}!`) + const tasks = await context.entities.Task.findMany({}) + return { tasks } + } + ``` + + + + ```ts title="src/workers/bar.ts" + import { type MySpecialJob } from 'wasp/server/jobs' + import { type Task } from 'wasp/entities' + + type Input = { name: string; } + type Output = { tasks: Task[]; } + + export const foo: MySpecialJob = async ({ name }, context) => { + console.log(`Hello ${name}!`) + const tasks = await context.entities.Task.findMany({}) + return { tasks } + } + ``` + + + + :::info The worker function + The worker function must be an `async` function. The function's return value represents the Job's result. + + The worker function accepts two arguments: + - `args`: The data passed into the job when it's submitted. + - `context: { entities }`: The context object containing entities you put in the Job declaration. + ::: + + + + `MySpecialJob` is a generic type Wasp generates to help you correctly type the Job's worker function, ensuring type information about the function's arguments and return value. Read more about type-safe jobs in the [Javascript API section](#javascript-api). + + +3. After successfully defining the job, you can submit work to be done in your [Operations](../data-model/operations/overview) or [setupFn](../project/server-config#setup-function) (or any other NodeJS code): + + + + + ```js title="someAction.js" + import { mySpecialJob } from 'wasp/server/jobs' + + const submittedJob = await mySpecialJob.submit({ job: "Johnny" }) + + // Or, if you'd prefer it to execute in the future, just add a .delay(). + // It takes a number of seconds, Date, or ISO date string. + await mySpecialJob + .delay(10) + .submit({ name: "Johnny" }) + ``` + + + + ```ts title="someAction.ts" + import { mySpecialJob } from 'wasp/server/jobs' + + const submittedJob = await mySpecialJob.submit({ job: "Johnny" }) + + // Or, if you'd prefer it to execute in the future, just add a .delay(). + // It takes a number of seconds, Date, or ISO date string. + await mySpecialJob + .delay(10) + .submit({ name: "Johnny" }) + ``` + + + +And that's it. Your job will be executed by `PgBoss` as if you called `foo({ name: "Johnny" })`. + +In our example, `foo` takes an argument, but passing arguments to jobs is not a requirement. It depends on how you've implemented your worker function. + +### Recurring Jobs + +If you have work that needs to be done on some recurring basis, you can add a `schedule` to your job declaration: + + + + +```wasp {6-9} title="main.wasp" +job mySpecialJob { + executor: PgBoss, + perform: { + fn: import { foo } from "@src/workers/bar" + }, + schedule: { + cron: "0 * * * *", + args: {=json { "job": "args" } json=} // optional + } +} +``` + + + +```wasp {6-9} title="main.wasp" +job mySpecialJob { + executor: PgBoss, + perform: { + fn: import { foo } from "@src/workers/bar" + }, + schedule: { + cron: "0 * * * *", + args: {=json { "job": "args" } json=} // optional + } +} +``` + + + +In this example, you _don't_ need to invoke anything in JavaScriptTypescript. You can imagine `foo({ job: "args" })` getting automatically scheduled and invoked for you every hour. + + + + +## API Reference + +### Declaring Jobs + + + + +```wasp title="main.wasp" +job mySpecialJob { + executor: PgBoss, + perform: { + fn: import { foo } from "@src/workers/bar", + executorOptions: { + pgBoss: {=json { "retryLimit": 1 } json=} + } + }, + schedule: { + cron: "*/5 * * * *", + args: {=json { "foo": "bar" } json=}, + executorOptions: { + pgBoss: {=json { "retryLimit": 0 } json=} + } + }, + entities: [Task], +} +``` + + + +```wasp title="main.wasp" +job mySpecialJob { + executor: PgBoss, + perform: { + fn: import { foo } from "@src/workers/bar", + executorOptions: { + pgBoss: {=json { "retryLimit": 1 } json=} + } + }, + schedule: { + cron: "*/5 * * * *", + args: {=json { "foo": "bar" } json=}, + executorOptions: { + pgBoss: {=json { "retryLimit": 0 } json=} + } + }, + entities: [Task], +} +``` + + + +The Job declaration has the following fields: + +- `executor: JobExecutor` + + :::note Job executors + Our jobs need job executors to handle the _scheduling, monitoring, and execution_. + + `PgBoss` is currently our only job executor, and is recommended for low-volume production use cases. It requires your `app.db.system` to be `PostgreSQL`. + ::: + + We have selected [pg-boss](https://github.com/timgit/pg-boss/) as our first job executor to handle the low-volume, basic job queue workloads many web applications have. By using PostgreSQL (and [SKIP LOCKED](https://www.2ndquadrant.com/en/blog/what-is-select-skip-locked-for-in-postgresql-9-5/)) as its storage and synchronization mechanism, it allows us to provide many job queue pros without any additional infrastructure or complex management. + + :::info + Keep in mind that pg-boss jobs run alongside your other server-side code, so they are not appropriate for CPU-heavy workloads. Additionally, some care is required if you modify scheduled jobs. Please see pg-boss details below for more information. + +
+ pg-boss details + + pg-boss provides many useful features, which can be found [here](https://github.com/timgit/pg-boss/blob/8.4.2/README.md). + + When you add pg-boss to a Wasp project, it will automatically add a new schema to your database called `pgboss` with some internal tracking tables, including `job` and `schedule`. pg-boss tables have a `name` column in most tables that will correspond to your Job identifier. Additionally, these tables maintain arguments, states, return values, retry information, start and expiration times, and other metadata required by pg-boss. + + If you need to customize the creation of the pg-boss instance, you can set an environment variable called `PG_BOSS_NEW_OPTIONS` to a stringified JSON object containing [these initialization parameters](https://github.com/timgit/pg-boss/blob/8.4.2/docs/readme.md#newoptions). **NOTE**: Setting this overwrites all Wasp defaults, so you must include database connection information as well. + + ### pg-boss considerations + - Wasp starts pg-boss alongside your web server's application, where both are simultaneously operational. This means that jobs running via pg-boss and the rest of the server logic (like Operations) share the CPU, therefore you should avoid running CPU-intensive tasks via jobs. + - Wasp does not (yet) support independent, horizontal scaling of pg-boss-only applications, nor starting them as separate workers/processes/threads. + - The job name/identifier in your `.wasp` file is the same name that will be used in the `name` column of pg-boss tables. If you change a name that had a `schedule` associated with it, pg-boss will continue scheduling those jobs but they will have no handlers associated, and will thus become stale and expire. To resolve this, you can remove the applicable row from the `schedule` table in the `pgboss` schema of your database. + - If you remove a `schedule` from a job, you will need to do the above as well. + - If you wish to deploy to Heroku, you need to set an additional environment variable called `PG_BOSS_NEW_OPTIONS` to `{"connectionString":"","ssl":{"rejectUnauthorized":false}}`. This is because pg-boss uses the `pg` extension, which does not seem to connect to Heroku over SSL by default, which Heroku requires. Additionally, Heroku uses a self-signed cert, so we must handle that as well. + - https://devcenter.heroku.com/articles/connecting-heroku-postgres#connecting-in-node-js + +
+ + ::: + +- `perform: dict` + + - `fn: ExtImport` + + - An `async` function that performs the work. Since Wasp executes Jobs on the server, the import path must lead to a NodeJS file. + - It receives the following arguments: + - `args: Input`: The data passed to the job when it's submitted. + - `context: { entities: Entities }`: The context object containing any declared entities. + + Here's an example of a `perform.fn` function: + + + + + ```js title="src/workers/bar.js" + export const foo = async ({ name }, context) => { + console.log(`Hello ${name}!`) + const tasks = await context.entities.Task.findMany({}) + return { tasks } + } + ``` + + + + ```ts title="src/workers/bar.ts" + import { type MySpecialJob } from 'wasp/server/jobs' + + type Input = { name: string; } + type Output = { tasks: Task[]; } + + export const foo: MySpecialJob = async (args, context) => { + console.log(`Hello ${name}!`) + const tasks = await context.entities.Task.findMany({}) + return { tasks } + } + ``` + + Read more about type-safe jobs in the [Javascript API section](#javascript-api). + + + + - `executorOptions: dict` + + Executor-specific default options to use when submitting jobs. These are passed directly through and you should consult the documentation for the job executor. These can be overridden during invocation with `submit()` or in a `schedule`. + + - `pgBoss: JSON` + + See the docs for [pg-boss](https://github.com/timgit/pg-boss/blob/8.4.2/docs/readme.md#sendname-data-options). + +- `schedule: dict` + + - `cron: string` + + A 5-placeholder format cron expression string. See rationale for minute-level precision [here](https://github.com/timgit/pg-boss/blob/8.4.2/docs/readme.md#scheduling). + + _If you need help building cron expressions, Check out_ [Crontab guru](https://crontab.guru/#0_*_*_*_*). + + - `args: JSON` + + The arguments to pass to the `perform.fn` function when invoked. + + - `executorOptions: dict` + + Executor-specific options to use when submitting jobs. These are passed directly through and you should consult the documentation for the job executor. The `perform.executorOptions` are the default options, and `schedule.executorOptions` can override/extend those. + + - `pgBoss: JSON` + + See the docs for [pg-boss](https://github.com/timgit/pg-boss/blob/8.4.2/docs/readme.md#sendname-data-options). + +- `entities: [Entity]` + + A list of entities you wish to use inside your Job (similar to [Queries and Actions](../data-model/operations/queries#using-entities-in-queries)). + +### JavaScript API + +- Importing a Job: + + + + + ```js title="someAction.js" + import { mySpecialJob } from 'wasp/server/jobs' + ``` + + + + ```ts title="someAction.ts" + import { mySpecialJob, type MySpecialJob } from 'wasp/server/jobs' + ``` + + :::info Type-safe jobs + Wasp generates a generic type for each Job declaration, which you can use to type your `perform.fn` function. The type is named after the job declaration, and is available in the `wasp/server/jobs` module. In the example above, the type is `MySpecialJob`. + + The type takes two type arguments: + - `Input`: The type of the `args` argument of the `perform.fn` function. + - `Output`: The type of the return value of the `perform.fn` function. + ::: + + + + +- `submit(jobArgs, executorOptions)` + - `jobArgs: Input` + - `executorOptions: object` + + Submits a Job to be executed by an executor, optionally passing in a JSON job argument your job handler function receives, and executor-specific submit options. + + + + + ```js title="someAction.js" + const submittedJob = await mySpecialJob.submit({ job: "args" }) + ``` + + + + ```js title="someAction.ts" + const submittedJob = await mySpecialJob.submit({ job: "args" }) + ``` + + + +- `delay(startAfter)` + - `startAfter: int | string | Date` + + Delaying the invocation of the job handler. The delay can be one of: + - Integer: number of seconds to delay. [Default 0] + - String: ISO date string to run at. + - Date: Date to run at. + + + + + ```js title="someAction.js" + const submittedJob = await mySpecialJob + .delay(10) + .submit({ job: "args" }, { "retryLimit": 2 }) + ``` + + + + ```ts title="someAction.ts" + const submittedJob = await mySpecialJob + .delay(10) + .submit({ job: "args" }, { "retryLimit": 2 }) + ``` + + + +#### Tracking +The return value of `submit()` is an instance of `SubmittedJob`, which has the following fields: +- `jobId`: The ID for the job in that executor. +- `jobName`: The name of the job you used in your `.wasp` file. +- `executorName`: The Symbol of the name of the job executor. + +There are also some namespaced, job executor-specific objects. + +- For pg-boss, you may access: `pgBoss` + - `details()`: pg-boss specific job detail information. [Reference](https://github.com/timgit/pg-boss/blob/8.4.2/docs/readme.md#getjobbyidid) + - `cancel()`: attempts to cancel a job. [Reference](https://github.com/timgit/pg-boss/blob/8.4.2/docs/readme.md#cancelid) + - `resume()`: attempts to resume a canceled job. [Reference](https://github.com/timgit/pg-boss/blob/8.4.2/docs/readme.md#resumeid) diff --git a/web/versioned_docs/version-0.13.11/advanced/links.md b/web/versioned_docs/version-0.13.11/advanced/links.md new file mode 100644 index 0000000000..165b9cb18e --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/links.md @@ -0,0 +1,134 @@ +--- +title: Type-Safe Links +--- + +import { Required } from '@site/src/components/Tag' + +If you are using Typescript, you can use Wasp's custom `Link` component to create type-safe links to other pages on your site. + +## Using the `Link` Component + +After you defined a route: + +```wasp title="main.wasp" +route TaskRoute { path: "/task/:id", to: TaskPage } +page TaskPage { ... } +``` + +You can get the benefits of type-safe links by using the `Link` component from `wasp/client/router`: + +```jsx title="TaskList.tsx" +import { Link } from 'wasp/client/router' + +export const TaskList = () => { + // ... + + return ( +
+ {tasks.map((task) => ( + + {/* πŸ‘† All the params must be correctly passed in */} + {task.description} + + ))} +
+ ) +} +``` + +### Using Search Query & Hash + +You can also pass `search` and `hash` props to the `Link` component: + +```tsx title="TaskList.tsx" + + {task.description} + +``` + +This will result in a link like this: `/task/1?sortBy=date#comments`. Check out the [API Reference](#link-component) for more details. + +## The `routes` Object + +You can also get all the pages in your app with the `routes` object: + +```jsx title="TaskList.tsx" +import { routes } from 'wasp/client/router' + +const linkToTask = routes.TaskRoute.build({ params: { id: 1 } }) +``` + +This will result in a link like this: `/task/1`. + +You can also pass `search` and `hash` props to the `build` function. Check out the [API Reference](#routes-object) for more details. + + +## API Reference + +### `Link` Component + +The `Link` component accepts the following props: +- `to` + + - A valid Wasp Route path from your `main.wasp` file. + +- `params: { [name: string]: string | number }` (if the path contains params) + + - An object with keys and values for each param in the path. + - For example, if the path is `/task/:id`, then the `params` prop must be `{ id: 1 }`. Wasp supports required and optional params. + +- `search: string[][] | Record | string | URLSearchParams` + + - Any valid input for `URLSearchParams` constructor. + - For example, the object `{ sortBy: 'date' }` becomes `?sortBy=date`. + +- `hash: string` +- all other props that the `react-router-dom`'s [Link](https://v5.reactrouter.com/web/api/Link) component accepts + + +### `routes` Object + +The `routes` object contains a function for each route in your app. + +```ts title="router.tsx" +export const routes = { + // RootRoute has a path like "/" + RootRoute: { + build: (options?: { + search?: string[][] | Record | string | URLSearchParams + hash?: string + }) => // ... + }, + + // DetailRoute has a path like "/task/:id/:something?" + DetailRoute: { + build: ( + options: { + params: { id: ParamValue; something?: ParamValue; }, + search?: string[][] | Record | string | URLSearchParams + hash?: string + } + ) => // ... + } +} +``` + +The `params` object is required if the route contains params. The `search` and `hash` parameters are optional. + +You can use the `routes` object like this: + +```tsx +import { routes } from 'wasp/client/router' + +const linkToRoot = routes.RootRoute.build() +const linkToTask = routes.DetailRoute.build({ params: { id: 1 } }) +``` diff --git a/web/versioned_docs/version-0.13.11/advanced/middleware-config.md b/web/versioned_docs/version-0.13.11/advanced/middleware-config.md new file mode 100644 index 0000000000..1afe755823 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/middleware-config.md @@ -0,0 +1,279 @@ +--- +title: Configuring Middleware +--- +import { ShowForTs } from '@site/src/components/TsJsHelpers'; + +Wasp comes with a minimal set of useful Express middleware in every application. While this is good for most users, we realize some may wish to add, modify, or remove some of these choices both globally, or on a per-`api`/path basis. + +## Default Global Middleware 🌍 + +Wasp's Express server has the following middleware by default: + +- [Helmet](https://helmetjs.github.io/): Helmet helps you secure your Express apps by setting various HTTP headers. _It's not a silver bullet, but it's a good start._ +- [CORS](https://github.com/expressjs/cors#readme): CORS is a package for providing a middleware that can be used to enable [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) with various options. + + :::note + CORS middleware is required for the frontend to communicate with the backend. + ::: +- [Morgan](https://github.com/expressjs/morgan#readme): HTTP request logger middleware. +- [express.json](https://expressjs.com/en/api.html#express.json) (which uses [body-parser](https://github.com/expressjs/body-parser#bodyparserjsonoptions)): parses incoming request bodies in a middleware before your handlers, making the result available under the `req.body` property. + + :::note + JSON middleware is required for [Operations](../data-model/operations/overview) to function properly. + ::: +- [express.urlencoded](https://expressjs.com/en/api.html#express.urlencoded) (which uses [body-parser](https://expressjs.com/en/resources/middleware/body-parser.html#bodyparserurlencodedoptions)): returns middleware that only parses urlencoded bodies and only looks at requests where the `Content-Type` header matches the type option. +- [cookieParser](https://github.com/expressjs/cookie-parser#readme): parses Cookie header and populates `req.cookies` with an object keyed by the cookie names. + +## Customization + +You have three places where you can customize middleware: +1. [global](#1-customize-global-middleware): here, any changes will apply by default *to all operations (`query` and `action`) and `api`.* This is helpful if you wanted to add support for multiple domains to CORS, for example. + + :::caution Modifying global middleware + Please treat modifications to global middleware with extreme care as they will affect all operations and APIs. If you are unsure, use one of the other two options. + ::: + +2. [per-api](#2-customize-api-specific-middleware): you can override middleware for a specific api route (e.g. `POST /webhook/callback`). This is helpful if you want to disable JSON parsing for some callback, for example. +3. [per-path](#3-customize-per-path-middleware): this is helpful if you need to customize middleware for all methods under a given path. + - It's helpful for things like "complex CORS requests" which may need to apply to both `OPTIONS` and `GET`, or to apply some middleware to a _set of `api` routes_. + +### Default Middleware Definitions + +Below is the actual definitions of default middleware which you can override. + + + + +```js +const defaultGlobalMiddleware = new Map([ + ['helmet', helmet()], + ['cors', cors({ origin: config.allowedCORSOrigins })], + ['logger', logger('dev')], + ['express.json', express.json()], + ['express.urlencoded', express.urlencoded({ extended: false })], + ['cookieParser', cookieParser()] +]) +``` + + + +```ts +export type MiddlewareConfig = Map + +// Used in the examples below πŸ‘‡ +export type MiddlewareConfigFn = (middlewareConfig: MiddlewareConfig) => MiddlewareConfig + +const defaultGlobalMiddleware: MiddlewareConfig = new Map([ + ['helmet', helmet()], + ['cors', cors({ origin: config.allowedCORSOrigins })], + ['logger', logger('dev')], + ['express.json', express.json()], + ['express.urlencoded', express.urlencoded({ extended: false })], + ['cookieParser', cookieParser()] +]) +``` + + + +## 1. Customize Global Middleware + +If you would like to modify the middleware for _all_ operations and APIs, you can do something like: + + + + + +```wasp {6} title=main.wasp +app todoApp { + // ... + + server: { + setupFn: import setup from "@src/serverSetup", + middlewareConfigFn: import { serverMiddlewareFn } from "@src/serverSetup" + }, +} +``` + +```ts title=src/serverSetup.js +import cors from 'cors' +import { config } from 'wasp/server' + +export const serverMiddlewareFn = (middlewareConfig) => { + // Example of adding extra domains to CORS. + middlewareConfig.set('cors', cors({ origin: [config.frontendUrl, 'https://example1.com', 'https://example2.com'] })) + return middlewareConfig +} +``` + + + + +```wasp {6} title=main.wasp +app todoApp { + // ... + + server: { + setupFn: import setup from "@src/serverSetup", + middlewareConfigFn: import { serverMiddlewareFn } from "@src/serverSetup" + }, +} +``` + +```ts title=src/serverSetup.ts +import cors from 'cors' +import { config, type MiddlewareConfigFn } from 'wasp/server' + +export const serverMiddlewareFn: MiddlewareConfigFn = (middlewareConfig) => { + // Example of adding an extra domains to CORS. + middlewareConfig.set('cors', cors({ origin: [config.frontendUrl, 'https://example1.com', 'https://example2.com'] })) + return middlewareConfig +} +``` + + + + +## 2. Customize `api`-specific Middleware + +If you would like to modify the middleware for a single API, you can do something like: + + + + +```wasp {5} title=main.wasp +// ... + +api webhookCallback { + fn: import { webhookCallback } from "@src/apis", + middlewareConfigFn: import { webhookCallbackMiddlewareFn } from "@src/apis", + httpRoute: (POST, "/webhook/callback"), + auth: false +} +``` + +```ts title=src/apis.js +import express from 'express' + +export const webhookCallback = (req, res, _context) => { + res.json({ msg: req.body.length }) +} + +export const webhookCallbackMiddlewareFn = (middlewareConfig) => { + console.log('webhookCallbackMiddlewareFn: Swap express.json for express.raw') + + middlewareConfig.delete('express.json') + middlewareConfig.set('express.raw', express.raw({ type: '*/*' })) + + return middlewareConfig +} + +``` + + + +```wasp {5} title=main.wasp +// ... + +api webhookCallback { + fn: import { webhookCallback } from "@src/apis", + middlewareConfigFn: import { webhookCallbackMiddlewareFn } from "@src/apis", + httpRoute: (POST, "/webhook/callback"), + auth: false +} +``` + +```ts title=src/apis.ts +import express from 'express' +import { type WebhookCallback } from 'wasp/server/api' +import { type MiddlewareConfigFn } from 'wasp/server' + +export const webhookCallback: WebhookCallback = (req, res, _context) => { + res.json({ msg: req.body.length }) +} + +export const webhookCallbackMiddlewareFn: MiddlewareConfigFn = (middlewareConfig) => { + console.log('webhookCallbackMiddlewareFn: Swap express.json for express.raw') + + middlewareConfig.delete('express.json') + middlewareConfig.set('express.raw', express.raw({ type: '*/*' })) + + return middlewareConfig +} + +``` + + + +:::note +This gets installed on a per-method basis. Behind the scenes, this results in code like: + +```js +router.post('/webhook/callback', webhookCallbackMiddleware, ...) +``` +::: + +## 3. Customize Per-Path Middleware + +If you would like to modify the middleware for all API routes under some common path, you can define a `middlewareConfigFn` on an `apiNamespace`: + + + + +```wasp {4} title=main.wasp +// ... + +apiNamespace fooBar { + middlewareConfigFn: import { fooBarNamespaceMiddlewareFn } from "@src/apis", + path: "/foo/bar" +} +``` + +```ts title=src/apis.js +export const fooBarNamespaceMiddlewareFn = (middlewareConfig) => { + const customMiddleware = (_req, _res, next) => { + console.log('fooBarNamespaceMiddlewareFn: custom middleware') + next() + } + + middlewareConfig.set('custom.middleware', customMiddleware) + + return middlewareConfig +} +``` + + + +```wasp {4} title=main.wasp +// ... + +apiNamespace fooBar { + middlewareConfigFn: import { fooBarNamespaceMiddlewareFn } from "@src/apis", + path: "/foo/bar" +} +``` + +```ts title=src/apis.ts +import express from 'express' +import { type MiddlewareConfigFn } from 'wasp/server' + +export const fooBarNamespaceMiddlewareFn: MiddlewareConfigFn = (middlewareConfig) => { + const customMiddleware: express.RequestHandler = (_req, _res, next) => { + console.log('fooBarNamespaceMiddlewareFn: custom middleware') + next() + } + + middlewareConfig.set('custom.middleware', customMiddleware) + + return middlewareConfig +} +``` + + + +:::note +This gets installed at the router level for the path. Behind the scenes, this results in something like: + +```js +router.use('/foo/bar', fooBarNamespaceMiddleware) +``` +::: diff --git a/web/versioned_docs/version-0.13.11/advanced/web-sockets.md b/web/versioned_docs/version-0.13.11/advanced/web-sockets.md new file mode 100644 index 0000000000..010faef598 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/advanced/web-sockets.md @@ -0,0 +1,337 @@ +--- +title: Web Sockets +--- +import useBaseUrl from '@docusaurus/useBaseUrl'; +import { ShowForTs } from '@site/src/components/TsJsHelpers'; +import { Required } from '@site/src/components/Tag'; + +Wasp provides a fully integrated WebSocket experience by utilizing [Socket.IO](https://socket.io/) on the client and server. + +We handle making sure your URLs are correctly setup, CORS is enabled, and provide a useful `useSocket` and `useSocketListener` abstractions for use in React components. + +To get started, you need to: +1. Define your WebSocket logic on the server. +2. Enable WebSockets in your Wasp file, and connect it with your server logic. +3. Use WebSockets on the client, in React, via `useSocket` and `useSocketListener`. +4. Optionally, type the WebSocket events and payloads for full-stack type safety. + +Let's go through setting up WebSockets step by step, starting with enabling WebSockets in your Wasp file. + +## Turn On WebSockets in Your Wasp File +We specify that we are using WebSockets by adding `webSocket` to our `app` and providing the required `fn`. You can optionally change the auto-connect behavior. + + + + +```wasp title=todoApp.wasp +app todoApp { + // ... + + webSocket: { + fn: import { webSocketFn } from "@src/webSocket", + autoConnect: true, // optional, default: true + }, +} +``` + + + +```wasp title=todoApp.wasp +app todoApp { + // ... + + webSocket: { + fn: import { webSocketFn } from "@src/webSocket", + autoConnect: true, // optional, default: true + }, +} +``` + + + +## Defining the Events Handler +Let's define the WebSockets server with all of the events and handler functions. + + + +:::info Full-stack type safety +Check this out: we'll define the event types and payloads on the server, and they will be **automatically exposed on the client**. This helps you avoid mistakes when emitting events or handling them. +::: + + +### `webSocketFn` Function +On the server, you will get Socket.IO `io: Server` argument and `context` for your WebSocket function. The `context` object give you access to all of the entities from your Wasp app. + +You can use this `io` object to register callbacks for all the regular [Socket.IO events](https://socket.io/docs/v4/server-api/). Also, if a user is logged in, you will have a `socket.data.user` on the server. + +This is how we can define our `webSocketFn` function: + + + + +```ts title=src/webSocket.js +import { v4 as uuidv4 } from 'uuid' +import { getFirstProviderUserId } from 'wasp/auth' + +export const webSocketFn = (io, context) => { + io.on('connection', (socket) => { + const username = getFirstProviderUserId(socket.data.user) ?? 'Unknown' + console.log('a user connected: ', username) + + socket.on('chatMessage', async (msg) => { + console.log('message: ', msg) + io.emit('chatMessage', { id: uuidv4(), username, text: msg }) + // You can also use your entities here: + // await context.entities.SomeEntity.create({ someField: msg }) + }) + }) +} +``` + + + +```ts title=src/webSocket.ts +import { v4 as uuidv4 } from 'uuid' +import { getFirstProviderUserId } from 'wasp/auth' +import { type WebSocketDefinition, type WaspSocketData } from 'wasp/server/webSocket' + +export const webSocketFn: WebSocketFn = (io, context) => { + io.on('connection', (socket) => { + const username = getFirstProviderUserId(socket.data.user) ?? 'Unknown' + console.log('a user connected: ', username) + + socket.on('chatMessage', async (msg) => { + console.log('message: ', msg) + io.emit('chatMessage', { id: uuidv4(), username, text: msg }) + // You can also use your entities here: + // await context.entities.SomeEntity.create({ someField: msg }) + }) + }) +} + +// Typing our WebSocket function with the events and payloads +// allows us to get type safety on the client as well + +type WebSocketFn = WebSocketDefinition< + ClientToServerEvents, + ServerToClientEvents, + InterServerEvents, + SocketData +> + +interface ServerToClientEvents { + chatMessage: (msg: { id: string, username: string, text: string }) => void; +} + +interface ClientToServerEvents { + chatMessage: (msg: string) => void; +} + +interface InterServerEvents {} + +// Data that is attached to the socket. +// NOTE: Wasp automatically injects the JWT into the connection, +// and if present/valid, the server adds a user to the socket. +interface SocketData extends WaspSocketData {} +``` + + + +## Using the WebSocket On The Client + + + +:::info Full-stack type safety +All the hooks we use are typed with the events and payloads you defined on the server. VS Code will give you autocomplete for the events and payloads, and you will get type errors if you make a mistake. +::: + + +### `useSocket` Hook + +Client access to WebSockets is provided by the `useSocket` hook. It returns: +- `socket: Socket` for sending and receiving events. +- `isConnected: boolean` for showing a display of the Socket.IO connection status. + - Note: Wasp automatically connects and establishes a WebSocket connection from the client to the server by default, so you do not need to explicitly `socket.connect()` or `socket.disconnect()`. + - If you set `autoConnect: false` in your Wasp file, then you should call these as needed. + +All components using `useSocket` share the same underlying `socket`. + +### `useSocketListener` Hook + +Additionally, there is a `useSocketListener: (event, callback) => void` hook which is used for registering event handlers. It takes care of unregistering the handler on unmount. + + + + + +```tsx title=src/ChatPage.jsx +import React, { useState } from 'react' +import { + useSocket, + useSocketListener, +} from 'wasp/client/webSocket' + +export const ChatPage = () => { + const [messageText, setMessageText] = useState('') + const [messages, setMessages] = useState([]) + const { socket, isConnected } = useSocket() + + useSocketListener('chatMessage', logMessage) + + function logMessage(msg) { + setMessages((priorMessages) => [msg, ...priorMessages]) + } + + function handleSubmit(e) { + e.preventDefault() + socket.emit('chatMessage', messageText) + setMessageText('') + } + + const messageList = messages.map((msg) => ( +
  • + {msg.username}: {msg.text} +
    • + )) + const connectionIcon = isConnected ? '🟒' : 'πŸ”΄' + + return ( + <> +

    Chat {connectionIcon}

    +
    +
    +
    +
    + setMessageText(e.target.value)} + /> +
    +
    + +
    +
    +
    +
      {messageList}
    +
    + + ) +} +``` +     + + +Wasp's **full-stack type safety** kicks in here: all the event types and payloads are automatically inferred from the server and are available on the client πŸ”₯ + +You can additionally use the `ClientToServerPayload` and `ServerToClientPayload` helper types to get the payload type for a specific event. + +```tsx title=src/ChatPage.tsx +import React, { useState } from 'react' +import { + useSocket, + useSocketListener, + ServerToClientPayload, +} from 'wasp/client/webSocket' + +export const ChatPage = () => { + const [messageText, setMessageText] = useState< + // We are using a helper type to get the payload type for the "chatMessage" event. + ClientToServerPayload<'chatMessage'> + >('') + const [messages, setMessages] = useState< + ServerToClientPayload<'chatMessage'>[] + >([]) + // The "socket" instance is typed with the types you defined on the server. + const { socket, isConnected } = useSocket() + + // This is a type-safe event handler: "chatMessage" event and its payload type + // are defined on the server. + useSocketListener('chatMessage', logMessage) + + function logMessage(msg: ServerToClientPayload<'chatMessage'>) { + setMessages((priorMessages) => [msg, ...priorMessages]) + } + + function handleSubmit(e: React.FormEvent) { + e.preventDefault() + // This is a type-safe event emitter: "chatMessage" event and its payload type + // are defined on the server. + socket.emit('chatMessage', messageText) + setMessageText('') + } + + const messageList = messages.map((msg) => ( +
  • + {msg.username}: {msg.text} +
    • + )) + const connectionIcon = isConnected ? '🟒' : 'πŸ”΄' + + return ( + <> +

    Chat {connectionIcon}

    +
    +
    +
    +
    + setMessageText(e.target.value)} + /> +
    +
    + +
    +
    +
    +
      {messageList}
    +
    + + ) +} +``` +     +     + +## API Reference + + + + +```wasp title=todoApp.wasp +app todoApp { + // ... + + webSocket: { + fn: import { webSocketFn } from "@src/webSocket", + autoConnect: true, // optional, default: true + }, +} +``` + + + +```wasp title=todoApp.wasp +app todoApp { + // ... + + webSocket: { + fn: import { webSocketFn } from "@src/webSocket", + autoConnect: true, // optional, default: true + }, +} +``` + + + +The `webSocket` dict has the following fields: + +- `fn: WebSocketFn` + + The function that defines the WebSocket events and handlers. + +- `autoConnect: bool` + + Whether to automatically connect to the WebSocket server. Default: `true`. diff --git a/web/versioned_docs/version-0.13.11/auth/Pills.css b/web/versioned_docs/version-0.13.11/auth/Pills.css new file mode 100644 index 0000000000..4764c128f9 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/Pills.css @@ -0,0 +1,17 @@ +:root { + --auth-pills-color: #333; + --auth-pills-email: #e0f2fe; + --auth-pills-github: #f1f5f9; + --auth-pills-google: #ecfccb; + --auth-pills-keycloak: #d0ebf5; + --auth-pills-username-and-pass: #fce7f3; +} + +:root[data-theme='dark'] { + --auth-pills-color: #fff; + --auth-pills-email: #0c4a6e; + --auth-pills-github: #334155; + --auth-pills-google: #365314; + --auth-pills-keycloak: #2d5866; + --auth-pills-username-and-pass: #831843; +} diff --git a/web/versioned_docs/version-0.13.11/auth/Pills.jsx b/web/versioned_docs/version-0.13.11/auth/Pills.jsx new file mode 100644 index 0000000000..94317100a4 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/Pills.jsx @@ -0,0 +1,86 @@ +import React from 'react' +import './Pills.css' +import Link from '@docusaurus/Link' + +export function Pill({ children, linkToPage, style = {} }) { + return ( + + {children} + + ) +} + +export function EmailPill() { + return ( + + Email + + ) +} + +export function UsernameAndPasswordPill() { + return ( + + Username & Password + + ) +} + +export function GithubPill() { + return ( + + Github + + ) +} + +export function GooglePill() { + return ( + + Google + + ) +} + +export function KeycloakPill() { + return ( + + Keycloak + + ) +} diff --git a/web/versioned_docs/version-0.13.11/auth/_multiple-identities-warning.md b/web/versioned_docs/version-0.13.11/auth/_multiple-identities-warning.md new file mode 100644 index 0000000000..ea8f5d8251 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/_multiple-identities-warning.md @@ -0,0 +1,6 @@ +:::caution Using multiple auth identities for a single user + +Wasp currently doesn't support multiple auth identities for a single user. This means, for example, that a user can't have both an email-based auth identity and a Google-based auth identity. This is something we will add in the future with the introduction of the [account merging feature](https://github.com/wasp-lang/wasp/issues/954). + +Account merging means that multiple auth identities can be merged into a single user account. For example, a user's email and Google identity can be merged into a single user account. Then the user can log in with either their email or Google account and they will be logged into the same account. +::: diff --git a/web/versioned_docs/version-0.13.11/auth/_read-more-about-auth-entities.md b/web/versioned_docs/version-0.13.11/auth/_read-more-about-auth-entities.md new file mode 100644 index 0000000000..bafd959cac --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/_read-more-about-auth-entities.md @@ -0,0 +1 @@ +You can read more about how the `User` entity is connected to the rest of the auth system in the [Auth Entities](./entities) section of the docs. \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/auth/_user-fields.md b/web/versioned_docs/version-0.13.11/auth/_user-fields.md new file mode 100644 index 0000000000..32319805d7 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/_user-fields.md @@ -0,0 +1,8 @@ +import { Required } from '@site/src/components/Tag'; + +The user entity needs to have the following fields: +- `id` + + It can be of any type, but it needs to be marked with `@id` + +You can add any other fields you want to the user entity. Make sure to also define them in the `userSignupFields` field if they need to be set during the sign-up process. \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/auth/_user-signup-fields-explainer.md b/web/versioned_docs/version-0.13.11/auth/_user-signup-fields-explainer.md new file mode 100644 index 0000000000..525a801c89 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/_user-signup-fields-explainer.md @@ -0,0 +1,38 @@ +`userSignupFields` defines all the extra fields that need to be set on the `User` during the sign-up process. For example, if you have `address` and `phone` fields on your `User` entity, you can set them by defining the `userSignupFields` like this: + + + + +```ts title="src/auth.js" +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + address: (data) => { + if (!data.address) { + throw new Error('Address is required') + } + return data.address + } + phone: (data) => data.phone, +}) +``` + + + + +```ts title="src/auth.ts" +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + address: (data) => { + if (!data.address) { + throw new Error('Address is required') + } + return data.address + } + phone: (data) => data.phone, +}) +``` + + + diff --git a/web/versioned_docs/version-0.13.11/auth/email.md b/web/versioned_docs/version-0.13.11/auth/email.md new file mode 100644 index 0000000000..c1228cc6e0 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/email.md @@ -0,0 +1,1119 @@ +--- +title: Email +--- + +import { Required } from '@site/src/components/Tag'; +import MultipleIdentitiesWarning from './\_multiple-identities-warning.md'; +import ReadMoreAboutAuthEntities from './\_read-more-about-auth-entities.md'; +import GetEmail from './entities/\_get-email.md'; +import UserSignupFieldsExplainer from './\_user-signup-fields-explainer.md'; +import UserFields from './\_user-fields.md'; + +Wasp supports e-mail authentication out of the box, along with email verification and "forgot your password?" flows. It provides you with the server-side implementation and email templates for all of these flows. + +![Auth UI](/img/authui/all_screens.gif) + + + +## Setting Up Email Authentication + +We'll need to take the following steps to set up email authentication: +1. Enable email authentication in the Wasp file +1. Add the `User` entity +1. Add the auth routes and pages +1. Use Auth UI components in our pages +1. Set up the email sender + +Structure of the `main.wasp` file we will end up with: + +```wasp title="main.wasp" +// Configuring e-mail authentication +app myApp { + auth: { ... } +} + +// Defining User entity +entity User { ... } + +// Defining routes and pages +route SignupRoute { ... } +page SignupPage { ... } +// ... +``` + +### 1. Enable Email Authentication in `main.wasp` + +Let's start with adding the following to our `main.wasp` file: + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // 1. Specify the user entity (we'll define it next) + userEntity: User, + methods: { + // 2. Enable email authentication + email: { + // 3. Specify the email from field + fromField: { + name: "My App Postman", + email: "hello@itsme.com" + }, + // 4. Specify the email verification and password reset options (we'll talk about them later) + emailVerification: { + clientRoute: EmailVerificationRoute, + }, + passwordReset: { + clientRoute: PasswordResetRoute, + }, + }, + }, + onAuthFailedRedirectTo: "/login", + onAuthSucceededRedirectTo: "/" + }, +} +``` + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // 1. Specify the user entity (we'll define it next) + userEntity: User, + methods: { + // 2. Enable email authentication + email: { + // 3. Specify the email from field + fromField: { + name: "My App Postman", + email: "hello@itsme.com" + }, + // 4. Specify the email verification and password reset options (we'll talk about them later) + emailVerification: { + clientRoute: EmailVerificationRoute, + }, + passwordReset: { + clientRoute: PasswordResetRoute, + }, + }, + }, + onAuthFailedRedirectTo: "/login", + onAuthSucceededRedirectTo: "/" + }, +} +``` + + + +Read more about the `email` auth method options [here](#fields-in-the-email-dict). + +### 2. Add the User Entity + +The `User` entity can be as simple as including only the `id` field: + + + + +```wasp title="main.wasp" +// 5. Define the user entity +entity User {=psl + // highlight-next-line + id Int @id @default(autoincrement()) + // Add your own fields below + // ... +psl=} +``` + + + +```wasp title="main.wasp" +// 5. Define the user entity +entity User {=psl + // highlight-next-line + id Int @id @default(autoincrement()) + // Add your own fields below + // ... +psl=} +``` + + + + + + +### 3. Add the Routes and Pages + +Next, we need to define the routes and pages for the authentication pages. + +Add the following to the `main.wasp` file: + + + + +```wasp title="main.wasp" +// ... + +// 6. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.jsx" +} + +route SignupRoute { path: "/signup", to: SignupPage } +page SignupPage { + component: import { Signup } from "@src/pages/auth.jsx" +} + +route RequestPasswordResetRoute { path: "/request-password-reset", to: RequestPasswordResetPage } +page RequestPasswordResetPage { + component: import { RequestPasswordReset } from "@src/pages/auth.jsx", +} + +route PasswordResetRoute { path: "/password-reset", to: PasswordResetPage } +page PasswordResetPage { + component: import { PasswordReset } from "@src/pages/auth.jsx", +} + +route EmailVerificationRoute { path: "/email-verification", to: EmailVerificationPage } +page EmailVerificationPage { + component: import { EmailVerification } from "@src/pages/auth.jsx", +} +``` + + + +```wasp title="main.wasp" +// ... + +// 6. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.tsx" +} + +route SignupRoute { path: "/signup", to: SignupPage } +page SignupPage { + component: import { Signup } from "@src/pages/auth.tsx" +} + +route RequestPasswordResetRoute { path: "/request-password-reset", to: RequestPasswordResetPage } +page RequestPasswordResetPage { + component: import { RequestPasswordReset } from "@src/pages/auth.tsx", +} + +route PasswordResetRoute { path: "/password-reset", to: PasswordResetPage } +page PasswordResetPage { + component: import { PasswordReset } from "@src/pages/auth.tsx", +} + +route EmailVerificationRoute { path: "/email-verification", to: EmailVerificationPage } +page EmailVerificationPage { + component: import { EmailVerification } from "@src/pages/auth.tsx", +} +``` + + + +We'll define the React components for these pages in the `src/pages/auth.{jsx,tsx}` file below. + +### 4. Create the Client Pages + +:::info +We are using [Tailwind CSS](https://tailwindcss.com/) to style the pages. Read more about how to add it [here](../project/css-frameworks). +::: + +Let's create a `auth.{jsx,tsx}` file in the `src/pages` folder and add the following to it: + + + + +```tsx title="src/pages/auth.jsx" +import { + LoginForm, + SignupForm, + VerifyEmailForm, + ForgotPasswordForm, + ResetPasswordForm, +} from 'wasp/client/auth' +import { Link } from 'react-router-dom' + +export function Login() { + return ( + + +
    + + Don't have an account yet? go to signup. + +
    + + Forgot your password? reset it + . + +     + ); +} + +export function Signup() { + return ( + + +
    + + I already have an account (go to login). + +     + ); +} + +export function EmailVerification() { + return ( + + +
    + + If everything is okay, go to login + +     + ); +} + +export function RequestPasswordReset() { + return ( + + + + ); +} + +export function PasswordReset() { + return ( + + +
    + + If everything is okay, go to login + +     + ); +} + +// A layout component to center the content +export function Layout({ children }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ); +} +``` +     + + +```tsx title="src/pages/auth.tsx" +import { + LoginForm, + SignupForm, + VerifyEmailForm, + ForgotPasswordForm, + ResetPasswordForm, +} from 'wasp/client/auth' +import { Link } from 'react-router-dom' + +export function Login() { + return ( + + +
    + + Don't have an account yet? go to signup. + +
    + + Forgot your password? reset it + . + +     + ); +} + +export function Signup() { + return ( + + +
    + + I already have an account (go to login). + +     + ); +} + +export function EmailVerification() { + return ( + + +
    + + If everything is okay, go to login + +     + ); +} + +export function RequestPasswordReset() { + return ( + + + + ); +} + +export function PasswordReset() { + return ( + + +
    + + If everything is okay, go to login + +     + ); +} + +// A layout component to center the content +export function Layout({ children }: { children: React.ReactNode }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ); +} +``` +     +     + +We imported the generated Auth UI components and used them in our pages. Read more about the Auth UI components [here](../auth/ui). + +### 5. Set up an Email Sender + +To support e-mail verification and password reset flows, we need an e-mail sender. Luckily, Wasp supports several email providers out of the box. + +We'll use the `Dummy` provider to speed up the setup. It just logs the emails to the console instead of sending them. You can use any of the [supported email providers](../advanced/email#providers). + +To set up the `Dummy` provider to send emails, add the following to the `main.wasp` file: + + + + +```wasp title="main.wasp" +app myApp { + // ... + // 7. Set up the email sender + emailSender: { + provider: Dummy, + } +} +``` + + + +```wasp title="main.wasp" +app myApp { + // ... + // 7. Set up the email sender + emailSender: { + provider: Dummy, + } +} +``` + + + +### Conclusion + +That's it! We have set up email authentication in our app. πŸŽ‰ + +Running `wasp db migrate-dev` and then `wasp start` should give you a working app with email authentication. If you want to put some of the pages behind authentication, read the [auth overview](../auth/overview). + +## Login and Signup Flows + +### Login + +![Auth UI](/img/authui/login.png) + +### Signup + +![Auth UI](/img/authui/signup.png) + +Some of the behavior you get out of the box: +1. Rate limiting + + We are limiting the rate of sign-up requests to **1 request per minute** per email address. This is done to prevent spamming. + +2. Preventing user email leaks + + If somebody tries to signup with an email that already exists and it's verified, we _pretend_ that the account was created instead of saying it's an existing account. This is done to prevent leaking the user's email address. + +3. Allowing registration for unverified emails + + If a user tries to register with an existing but **unverified** email, we'll allow them to do that. This is done to prevent bad actors from locking out other users from registering with their email address. + +4. Password validation + + Read more about the default password validation rules and how to override them in [auth overview docs](../auth/overview). + +## Email Verification Flow + +:::info Automatic email verification in development + +In development mode, you can skip the email verification step by setting the `SKIP_EMAIL_VERIFICATION_IN_DEV` environment variable to `true` in your `.env.server` file: + +```env title=".env.server" +SKIP_EMAIL_VERIFICATION_IN_DEV=true +``` + +This is useful when you are developing your app and don't want to go through the email verification flow every time you sign up. It can be also useful when you are writing automated tests for your app. +::: + +By default, Wasp requires the e-mail to be verified before allowing the user to log in. This is done by sending a verification email to the user's email address and requiring the user to click on a link in the email to verify their email address. + +Our setup looks like this: + + + + +```wasp title="main.wasp" +// ... + +emailVerification: { + clientRoute: EmailVerificationRoute, +} +``` + + + +```wasp title="main.wasp" +// ... + +emailVerification: { + clientRoute: EmailVerificationRoute, +} +``` + + + +When the user receives an e-mail, they receive a link that goes to the client route specified in the `clientRoute` field. In our case, this is the `EmailVerificationRoute` route we defined in the `main.wasp` file. + +The content of the e-mail can be customized, read more about it [here](#emailverification-emailverificationconfig-). + +### Email Verification Page + +We defined our email verification page in the `auth.{jsx,tsx}` file. + +![Auth UI](/img/authui/email_verification.png) + +## Password Reset Flow + +Users can request a password and then they'll receive an e-mail with a link to reset their password. + +Some of the behavior you get out of the box: +1. Rate limiting + + We are limiting the rate of sign-up requests to **1 request per minute** per email address. This is done to prevent spamming. + +2. Preventing user email leaks + + If somebody requests a password reset with an unknown email address, we'll give back the same response as if the user requested a password reset successfully. This is done to prevent leaking information. + +Our setup in `main.wasp` looks like this: + + + + +```wasp title="main.wasp" +// ... + +passwordReset: { + clientRoute: PasswordResetRoute, +} +``` + + + +```wasp title="main.wasp" +// ... + +passwordReset: { + clientRoute: PasswordResetRoute, +} +``` + + + +### Request Password Reset Page + +Users request their password to be reset by going to the `/request-password-reset` route. We defined our request password reset page in the `auth.{jsx,tsx}` file. + +![Request password reset page](/img/authui/forgot_password_after.png) + +### Password Reset Page + +When the user receives an e-mail, they receive a link that goes to the client route specified in the `clientRoute` field. In our case, this is the `PasswordResetRoute` route we defined in the `main.wasp` file. + +![Request password reset page](/img/authui/reset_password_after.png) + +Users can enter their new password there. + +The content of the e-mail can be customized, read more about it [here](#passwordreset-passwordresetconfig-). + +## Creating a Custom Sign-up Action + +:::caution Creating a custom sign-up action + +We don't recommend creating a custom sign-up action unless you have a good reason to do so. It is a complex process and you can easily make a mistake that will compromise the security of your app. +::: + +The code of your custom sign-up action can look like this: + + + + +```wasp title="main.wasp" +// ... + +action customSignup { + fn: import { signup } from "@src/auth/signup.js", +} +``` + +```js title="src/auth/signup.js" +import { + ensurePasswordIsPresent, + ensureValidPassword, + ensureValidEmail, + createProviderId, + sanitizeAndSerializeProviderData, + deserializeAndSanitizeProviderData, + findAuthIdentity, + createUser, + createEmailVerificationLink, + sendEmailVerificationEmail, +} from 'wasp/server/auth' + +export const signup = async (args, _context) => { + ensureValidEmail(args) + ensurePasswordIsPresent(args) + ensureValidPassword(args) + + try { + const providerId = createProviderId('email', args.email) + const existingAuthIdentity = await findAuthIdentity(providerId) + + if (existingAuthIdentity) { + const providerData = deserializeAndSanitizeProviderData(existingAuthIdentity.providerData) + // Your custom code here + } else { + // sanitizeAndSerializeProviderData will hash the user's password + const newUserProviderData = await sanitizeAndSerializeProviderData({ + hashedPassword: args.password, + isEmailVerified: false, + emailVerificationSentAt: null, + passwordResetSentAt: null, + }) + await createUser( + providerId, + providerData, + // Any additional data you want to store on the User entity + {}, + ) + + // Verification link links to a client route e.g. /email-verification + const verificationLink = await createEmailVerificationLink(args.email, '/email-verification'); + try { + await sendEmailVerificationEmail( + args.email, + { + from: { + name: "My App Postman", + email: "hello@itsme.com", + }, + to: args.email, + subject: "Verify your email", + text: `Click the link below to verify your email: ${verificationLink}`, + html: ` +

    Click the link below to verify your email

    + Verify email + `, + } + ); + } catch (e: unknown) { + console.error("Failed to send email verification email:", e); + throw new HttpError(500, "Failed to send email verification email."); + } + } + } catch (e) { + return { + success: false, + message: e.message, + } + } + + // Your custom code after sign-up. + // ... + + return { + success: true, + message: 'User created successfully', + } +} +``` +     + + +```wasp title="main.wasp" +// ... + +action customSignup { + fn: import { signup } from "@src/auth/signup.js", +} +``` + +```ts title="src/auth/signup.ts" +import { + ensurePasswordIsPresent, + ensureValidPassword, + ensureValidEmail, + createProviderId, + sanitizeAndSerializeProviderData, + deserializeAndSanitizeProviderData, + findAuthIdentity, + createUser, + createEmailVerificationLink, + sendEmailVerificationEmail, +} from 'wasp/server/auth' +import type { CustomSignup } from 'wasp/server/operations' + +type CustomSignupInput = { + email: string + password: string +} +type CustomSignupOutput = { + success: boolean + message: string +} + +export const signup: CustomSignup = async (args, _context) => { + ensureValidEmail(args) + ensurePasswordIsPresent(args) + ensureValidPassword(args) + + try { + const providerId = createProviderId('email', args.email) + const existingAuthIdentity = await findAuthIdentity(providerId) + + if (existingAuthIdentity) { + const providerData = deserializeAndSanitizeProviderData<'email'>(existingAuthIdentity.providerData) + // Your custom code here + } else { + // sanitizeAndSerializeProviderData will hash the user's password + const newUserProviderData = await sanitizeAndSerializeProviderData<'email'>({ + hashedPassword: args.password, + isEmailVerified: false, + emailVerificationSentAt: null, + passwordResetSentAt: null, + }) + await createUser( + providerId, + providerData, + // Any additional data you want to store on the User entity + {}, + ) + + // Verification link links to a client route e.g. /email-verification + const verificationLink = await createEmailVerificationLink(args.email, '/email-verification'); + try { + await sendEmailVerificationEmail( + args.email, + { + from: { + name: "My App Postman", + email: "hello@itsme.com", + }, + to: args.email, + subject: "Verify your email", + text: `Click the link below to verify your email: ${verificationLink}`, + html: ` +

    Click the link below to verify your email

    + Verify email + `, + } + ); + } catch (e: unknown) { + console.error("Failed to send email verification email:", e); + throw new HttpError(500, "Failed to send email verification email."); + } + } + } catch (e) { + return { + success: false, + message: e.message, + } + } + + // Your custom code after sign-up. + // ... + + return { + success: true, + message: 'User created successfully', + } +} +``` +     +     + +We suggest using the built-in field validators for your authentication flow. You can import them from `wasp/server/auth`. These are the same validators that Wasp uses internally for the default authentication flow. + +#### Email + +- `ensureValidEmail(args)` + + Checks if the email is valid and throws an error if it's not. Read more about the validation rules [here](../auth/overview#default-validations). + +#### Password + +- `ensurePasswordIsPresent(args)` + + Checks if the password is present and throws an error if it's not. + +- `ensureValidPassword(args)` + + Checks if the password is valid and throws an error if it's not. Read more about the validation rules [here](../auth/overview#default-validations). + +## Using Auth + +To read more about how to set up the logout button and how to get access to the logged-in user in our client and server code, read the [auth overview docs](../auth/overview). + +### `getEmail` + +If you are looking to access the user's email in your code, you can do that by accessing the info about the user that is stored in the `user.auth.identities` array. + +To make things a bit easier for you, Wasp offers the `getEmail` helper. + + + +## API Reference + +Let's go over the options we can specify when using email authentication. + +### `userEntity` fields + + + + +```wasp title="main.wasp" +app myApp { + title: "My app", + // ... + + auth: { + userEntity: User, + methods: { + email: { + // We'll explain these options below + }, + }, + onAuthFailedRedirectTo: "/someRoute" + }, + // ... +} + +entity User {=psl + // highlight-next-line + id Int @id @default(autoincrement()) +psl=} +``` + + + + +```wasp title="main.wasp" +app myApp { + title: "My app", + // ... + + auth: { + userEntity: User, + methods: { + email: { + // We'll explain these options below + }, + }, + onAuthFailedRedirectTo: "/someRoute" + }, + // ... +} + +entity User {=psl + // highlight-next-line + id Int @id @default(autoincrement()) +psl=} +``` + + + + + +### Fields in the `email` dict + + + + +```wasp title="main.wasp" +app myApp { + title: "My app", + // ... + + auth: { + userEntity: User, + methods: { + email: { + userSignupFields: import { userSignupFields } from "@src/auth.js", + fromField: { + name: "My App", + email: "hello@itsme.com" + }, + emailVerification: { + clientRoute: EmailVerificationRoute, + getEmailContentFn: import { getVerificationEmailContent } from "@src/auth/email.js", + }, + passwordReset: { + clientRoute: PasswordResetRoute, + getEmailContentFn: import { getPasswordResetEmailContent } from "@src/auth/email.js", + }, + }, + }, + onAuthFailedRedirectTo: "/someRoute" + }, + // ... +} +``` + + + +```wasp title="main.wasp" +app myApp { + title: "My app", + // ... + + auth: { + userEntity: User, + methods: { + email: { + userSignupFields: import { userSignupFields } from "@src/auth.js", + fromField: { + name: "My App", + email: "hello@itsme.com" + }, + emailVerification: { + clientRoute: EmailVerificationRoute, + getEmailContentFn: import { getVerificationEmailContent } from "@src/auth/email.js", + }, + passwordReset: { + clientRoute: PasswordResetRoute, + getEmailContentFn: import { getPasswordResetEmailContent } from "@src/auth/email.js", + }, + }, + }, + onAuthFailedRedirectTo: "/someRoute" + }, + // ... +} +``` + + + +#### `userSignupFields: ExtImport` + + +Read more about the `userSignupFields` function [here](./overview#1-defining-extra-fields). + +#### `fromField: EmailFromField` +`fromField` is a dict that specifies the name and e-mail address of the sender of the e-mails sent by your app. + +It has the following fields: +- `name`: name of the sender +- `email`: e-mail address of the sender + +#### `emailVerification: EmailVerificationConfig` +`emailVerification` is a dict that specifies the details of the e-mail verification process. + +It has the following fields: +- `clientRoute: Route`: a route that is used for the user to verify their e-mail address. + + Client route should handle the process of taking a token from the URL and sending it to the server to verify the e-mail address. You can use our `verifyEmail` action for that. + + + + + ```js title="src/pages/EmailVerificationPage.jsx" + import { verifyEmail } from 'wasp/client/auth' + ... + await verifyEmail({ token }); + ``` + + + + ```ts title="src/pages/EmailVerificationPage.tsx" + import { verifyEmail } from 'wasp/client/auth' + ... + await verifyEmail({ token }); + ``` + + + + :::note + We used Auth UI above to avoid doing this work of sending the token to the server manually. + ::: + +- `getEmailContentFn: ExtImport`: a function that returns the content of the e-mail that is sent to the user. + + Defining `getEmailContentFn` can be done by defining a file in the `src` directory. + + + + + ```ts title="src/email.js" + export const getVerificationEmailContent = ({ verificationLink }) => ({ + subject: 'Verify your email', + text: `Click the link below to verify your email: ${verificationLink}`, + html: ` +

    Click the link below to verify your email

    + Verify email + `, + }) + ``` +     + + + ```ts title="src/email.ts" + import { GetVerificationEmailContentFn } from 'wasp/server/auth' + + export const getVerificationEmailContent: GetVerificationEmailContentFn = ({ + verificationLink, + }) => ({ + subject: 'Verify your email', + text: `Click the link below to verify your email: ${verificationLink}`, + html: ` +

    Click the link below to verify your email

    + Verify email + `, + }) + ``` +     +     + + This is the default content of the e-mail, you can customize it to your liking. + + +#### `passwordReset: PasswordResetConfig` +`passwordReset` is a dict that specifies the password reset process. + +It has the following fields: +- `clientRoute: Route`: a route that is used for the user to reset their password. + + Client route should handle the process of taking a token from the URL and a new password from the user and sending it to the server. You can use our `requestPasswordReset` and `resetPassword` actions to do that. + + + + + ```js title="src/pages/ForgotPasswordPage.jsx" + import { requestPasswordReset } from 'wasp/client/auth' + ... + await requestPasswordReset({ email }); + ``` + + ```js title="src/pages/PasswordResetPage.jsx" + import { resetPassword } from 'wasp/client/auth' + ... + await resetPassword({ password, token }) + ``` + + + + ```ts title="src/pages/ForgotPasswordPage.tsx" + import { requestPasswordReset } from 'wasp/client/auth' + ... + await requestPasswordReset({ email }); + ``` + + ```ts title="src/pages/PasswordResetPage.tsx" + import { resetPassword } from 'wasp/client/auth' + ... + await resetPassword({ password, token }) + ``` + + + + :::note + We used Auth UI above to avoid doing this work of sending the password request and the new password to the server manually. + ::: + +- `getEmailContentFn: ExtImport`: a function that returns the content of the e-mail that is sent to the user. + + Defining `getEmailContentFn` is done by defining a function that looks like this: + + + + + ```ts title="src/email.js" + export const getPasswordResetEmailContent = ({ passwordResetLink }) => ({ + subject: 'Password reset', + text: `Click the link below to reset your password: ${passwordResetLink}`, + html: ` +

    Click the link below to reset your password

    + Reset password + `, + }) + ``` +     + + + ```ts title="src/email.ts" + import { GetPasswordResetEmailContentFn } from 'wasp/server/auth' + + export const getPasswordResetEmailContent: GetPasswordResetEmailContentFn = ({ + passwordResetLink, + }) => ({ + subject: 'Password reset', + text: `Click the link below to reset your password: ${passwordResetLink}`, + html: ` +

    Click the link below to reset your password

    + Reset password + `, + }) + ``` +     +     + + This is the default content of the e-mail, you can customize it to your liking. diff --git a/web/versioned_docs/version-0.13.11/auth/entities/_get-email.md b/web/versioned_docs/version-0.13.11/auth/entities/_get-email.md new file mode 100644 index 0000000000..943027a9ca --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/entities/_get-email.md @@ -0,0 +1,47 @@ +The `getEmail` helper returns the user's email or `null` if the user doesn't have an email auth identity. + + + + +```jsx title="src/MainPage.jsx" +import { getEmail } from 'wasp/auth' + +const MainPage = ({ user }) => { + const email = getEmail(user) + // ... +} +``` + +```js title=src/tasks.js +import { getEmail } from 'wasp/auth' + +export const createTask = async (args, context) => { + const email = getEmail(context.user) + // ... +} +``` + + + + + +```tsx title="src/MainPage.tsx" +import { getEmail, AuthUser } from 'wasp/auth' + +const MainPage = ({ user }: { user: AuthUser }) => { + const email = getEmail(user) + // ... +} +``` + +```ts title=src/tasks.ts +import { getEmail } from 'wasp/auth' + +export const createTask: CreateTask<...> = async (args, context) => { + const email = getEmail(context.user) + // ... +} +``` + + + diff --git a/web/versioned_docs/version-0.13.11/auth/entities/_get-username.md b/web/versioned_docs/version-0.13.11/auth/entities/_get-username.md new file mode 100644 index 0000000000..c5b118473f --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/entities/_get-username.md @@ -0,0 +1,47 @@ +The `getUsername` helper returns the user's username or `null` if the user doesn't have a username auth identity. + + + + +```jsx title="src/MainPage.jsx" +import { getUsername } from 'wasp/auth' + +const MainPage = ({ user }) => { + const username = getUsername(user) + // ... +} +``` + +```js title=src/tasks.js +import { getUsername } from 'wasp/auth' + +export const createTask = async (args, context) => { + const username = getUsername(context.user) + // ... +} +``` + + + + + +```tsx title="src/MainPage.tsx" +import { getUsername, AuthUser } from 'wasp/auth' + +const MainPage = ({ user }: { user: AuthUser }) => { + const username = getUsername(user) + // ... +} +``` + +```ts title=src/tasks.ts +import { getUsername } from 'wasp/auth' + +export const createTask: CreateTask<...> = async (args, context) => { + const username = getUsername(context.user) + // ... +} +``` + + + \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/auth/entities/entities.md b/web/versioned_docs/version-0.13.11/auth/entities/entities.md new file mode 100644 index 0000000000..ab01ed93f0 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/entities/entities.md @@ -0,0 +1,448 @@ +--- +title: Auth Entities +--- + +import ImgWithCaption from '@site/blog/components/ImgWithCaption' +import { Internal } from '@site/src/components/Tag' +import MultipleIdentitiesWarning from '../\_multiple-identities-warning.md'; +import GetEmail from './\_get-email.md'; +import GetUsername from './\_get-username.md'; + +Wasp supports multiple different authentication methods and for each method, we need to store different information about the user. For example, if you are using the [Username & password](./username-and-pass) authentication method, we need to store the user's username and password. On the other hand, if you are using the [Email](./email) authentication method, you will need to store the user's email, password and for example, their email verification status. + +## Entities Explained + +To store user information, Wasp creates a few entities behind the scenes. In this section, we will explain what entities are created and how they are connected. + +### User Entity + +When you want to add authentication to your app, you need to specify the user entity e.g. `User` in your Wasp file. This entity is a "business logic user" which represents a user of your app. + +You can use this entity to store any information about the user that you want to store. For example, you might want to store the user's name or address. You can also use the user entity to define the relations between users and other entities in your app. For example, you might want to define a relation between a user and the tasks that they have created. + +```wasp +entity User {=psl + id Int @id @default(autoincrement()) + // Any other fields you want to store about the user +psl=} +``` + +You **own** the user entity and you can modify it as you wish. You can add new fields to it, remove fields from it, or change the type of the fields. You can also add new relations to it or remove existing relations from it. + + + +On the other hand, the `Auth`, `AuthIdentity` and `Session` entities are created behind the scenes and are used to store the user's login credentials. You as the developer don't need to care about this entity most of the time. Wasp **owns** these entities. + +In the case you want to create a custom signup action, you will need to use the `Auth` and `AuthIdentity` entities directly. + +### Example App Model +Let's imagine we created a simple tasks management app: + + - The app has email and Google-based auth. + - Users can create tasks and see the tasks that they have created. + +Let's look at how would that look in the database: + + + +If we take a look at an example user in the database, we can see: +- The business logic user, `User` is connected to multiple `Task` entities. + - In this example, "Example User" has two tasks. +- The `User` is connected to exactly one `Auth` entity. +- Each `Auth` entity can have multiple `AuthIdentity` entities. + - In this example, the `Auth` entity has two `AuthIdentity` entities: one for the email-based auth and one for the Google-based auth. +- Each `Auth` entity can have multiple `Session` entities. + - In this example, the `Auth` entity has one `Session` entity. + + + +### `Auth` Entity + +Wasp's internal `Auth` entity is used to connect the business logic user, `User` with the user's login credentials. + +```wasp +entity Auth {=psl + id String @id @default(uuid()) + userId Int? @unique + // Wasp injects this relation on the User entity as well + user User? @relation(fields: [userId], references: [id], onDelete: Cascade) + identities AuthIdentity[] + sessions Session[] +psl=} +``` + +The `Auth` fields: + +- `id` is a unique identifier of the `Auth` entity. +- `userId` is a foreign key to the `User` entity. + - It is used to connect the `Auth` entity with the business logic user. +- `user` is a relation to the `User` entity. + - This relation is injected on the `User` entity as well. +- `identities` is a relation to the `AuthIdentity` entity. +- `sessions` is a relation to the `Session` entity. + +### `AuthIdentity` Entity + +The `AuthIdentity` entity is used to store the user's login credentials for various authentication methods. + +```wasp +entity AuthIdentity {=psl + providerName String + providerUserId String + providerData String @default("{}") + authId String + auth Auth @relation(fields: [authId], references: [id], onDelete: Cascade) + + @@id([providerName, providerUserId]) +psl=} +``` + +The `AuthIdentity` fields: +- `providerName` is the name of the authentication provider. + - For example, `email` or `google`. +- `providerUserId` is the user's ID in the authentication provider. + - For example, the user's email or Google ID. +- `providerData` is a JSON string that contains additional data about the user from the authentication provider. + - For example, for password based auth, this field contains the user's hashed password. + - This field is a `String` and not a `Json` type because [Prisma doesn't support the `Json` type for SQLite](https://github.com/prisma/prisma/issues/3786). +- `authId` is a foreign key to the `Auth` entity. + - It is used to connect the `AuthIdentity` entity with the `Auth` entity. +- `auth` is a relation to the `Auth` entity. + +### `Session` Entity + +The `Session` entity is used to store the user's session information. It is used to keep the user logged in between page refreshes. + +```wasp +entity Session {=psl + id String @id @unique + expiresAt DateTime + userId String + auth Auth @relation(references: [id], fields: [userId], onDelete: Cascade) + + @@index([userId]) +psl=} +``` + +The `Session` fields: +- `id` is a unique identifier of the `Session` entity. +- `expiresAt` is the date when the session expires. +- `userId` is a foreign key to the `Auth` entity. + - It is used to connect the `Session` entity with the `Auth` entity. +- `auth` is a relation to the `Auth` entity. + +## Accessing the Auth Fields + +If you are looking to access the user's email or username in your code, you can do that by accessing the info about the user that is stored in the `AuthIdentity` entity. + +Everywhere where Wasp gives you the `user` object, it also includes the `auth` relation with the `identities` relation. This means that you can access the auth identity info by using the `user.auth.identities` array. + +To make things a bit easier for you, Wasp offers a few helper functions that you can use to access the auth identity info. + +### `getEmail` + + + +### `getUsername` + + + +### `getFirstProviderUserId` + +The `getFirstProviderUserId` helper returns the first user ID (e.g. `username` or `email`) that it finds for the user or `null` if it doesn't find any. + +[As mentioned before](#authidentity-entity-), the `providerUserId` field is how providers identify our users. For example, the user's `username` in the case of the username auth or the user's `email` in the case of the email auth. This can be useful if you support multiple authentication methods and you need *any* ID that identifies the user in your app. + + + + +```jsx title="src/MainPage.jsx" +import { getFirstProviderUserId } from 'wasp/auth' + +const MainPage = ({ user }) => { + const userId = getFirstProviderUserId(user) + // ... +} +``` + +```js title=src/tasks.js +import { getFirstProviderUserId } from 'wasp/auth' + +export const createTask = async (args, context) => { + const userId = getFirstProviderUserId(context.user) + // ... +} +``` + + + + + +```tsx title="src/MainPage.tsx" +import { getFirstProviderUserId, AuthUser } from 'wasp/auth' + +const MainPage = ({ user }: { user: AuthUser }) => { + const userId = getFirstProviderUserId(user) + // ... +} +``` + +```ts title=src/tasks.ts +import { getFirstProviderUserId } from 'wasp/auth' + +export const createTask: CreateTask<...> = async (args, context) => { + const userId = getFirstProviderUserId(context.user) + // ... +} +``` + + + + +### `findUserIdentity` + +You can find a specific auth identity by using the `findUserIdentity` helper function. This function takes a `user` and a `providerName` and returns the first `providerName` identity that it finds or `null` if it doesn't find any. + +Possible provider names are: +- `email` +- `username` +- `google` +- `github` + +This can be useful if you want to check if the user has a specific auth identity. For example, you might want to check if the user has an email auth identity or Google auth identity. + + + + +```jsx title="src/MainPage.jsx" +import { findUserIdentity } from 'wasp/auth' + +const MainPage = ({ user }) => { + const emailIdentity = findUserIdentity(user, 'email') + const googleIdentity = findUserIdentity(user, 'google') + if (emailIdentity) { + // ... + } else if (googleIdentity) { + // ... + } + // ... +} +``` + +```js title=src/tasks.js +import { findUserIdentity } from 'wasp/client/auth' + +export const createTask = async (args, context) => { + const emailIdentity = findUserIdentity(context.user, 'email') + const googleIdentity = findUserIdentity(context.user, 'google') + if (emailIdentity) { + // ... + } else if (googleIdentity) { + // ... + } + // ... +} +``` + + + + + +```tsx title="src/MainPage.tsx" +import { findUserIdentity, AuthUser } from 'wasp/auth' + +const MainPage = ({ user }: { user: AuthUser }) => { + const emailIdentity = findUserIdentity(user, 'email') + const googleIdentity = findUserIdentity(user, 'google') + if (emailIdentity) { + // ... + } else if (googleIdentity) { + // ... + } + // ... +} +``` + +```ts title=src/tasks.ts +import { findUserIdentity } from 'wasp/client/auth' + +export const createTask: CreateTask<...> = async (args, context) => { + const emailIdentity = findUserIdentity(context.user, 'email') + const googleIdentity = findUserIdentity(context.user, 'google') + if (emailIdentity) { + // ... + } else if (googleIdentity) { + // ... + } + // ... +} +``` + + + + +## Custom Signup Action + +Let's take a look at how you can use the `Auth` and `AuthIdentity` entities to create custom login and signup actions. For example, you might want to create a custom signup action that creates a user in your app and also creates a user in a third-party service. + +:::info Custom Signup Examples + +In the [Email](./email#creating-a-custom-sign-up-action) section of the docs we give you an example for custom email signup and in the [Username & password](./username-and-pass#2-creating-your-custom-sign-up-action) section of the docs we give you an example for custom username & password signup. +::: + +Below is a simplified version of a custom signup action which you probably wouldn't use in your app but it shows you how you can use the `Auth` and `AuthIdentity` entities to create a custom signup action. + + + + +```wasp title="main.wasp" +// ... + +action customSignup { + fn: import { signup } from "@src/auth/signup.js", + entities: [User] +} +``` + + +```js title="src/auth/signup.js" +import { + createProviderId, + sanitizeAndSerializeProviderData, + createUser, +} from 'wasp/server/auth' + +export const signup = async (args, { entities: { User } }) => { + try { + // Provider ID is a combination of the provider name and the provider user ID + // And it is used to uniquely identify the user in your app + const providerId = createProviderId('username', args.username) + // sanitizeAndSerializeProviderData hashes the password and returns a JSON string + const providerData = await sanitizeAndSerializeProviderData({ + hashedPassword: args.password, + }) + + await createUser( + providerId, + providerData, + // Any additional data you want to store on the User entity + {}, + ) + + // This is equivalent to: + // await User.create({ + // data: { + // auth: { + // create: { + // identities: { + // create: { + // providerName: 'username', + // providerUserId: args.username + // providerData, + // }, + // }, + // } + // }, + // } + // }) + } catch (e) { + return { + success: false, + message: e.message, + } + } + + // Your custom code after sign-up. + // ... + + return { + success: true, + message: 'User created successfully', + } +} +``` + + + +```wasp title="main.wasp" +// ... + +action customSignup { + fn: import { signup } from "@src/auth/signup.js", + entities: [User] +} +``` + +```ts title="src/auth/signup.ts" +import { + createProviderId, + sanitizeAndSerializeProviderData, + createUser, +} from 'wasp/server/auth' +import type { CustomSignup } from 'wasp/server/operations' + +type CustomSignupInput = { + username: string + password: string +} +type CustomSignupOutput = { + success: boolean + message: string +} + +export const signup: CustomSignup< + CustomSignupInput, + CustomSignupOutput +> = async (args, { entities: { User } }) => { + try { + // Provider ID is a combination of the provider name and the provider user ID + // And it is used to uniquely identify the user in your app + const providerId = createProviderId('username', args.username) + // sanitizeAndSerializeProviderData hashes the password and returns a JSON string + const providerData = await sanitizeAndSerializeProviderData<'username'>({ + hashedPassword: args.password, + }) + + await createUser( + providerId, + providerData, + // Any additional data you want to store on the User entity + {}, + ) + + // This is equivalent to: + // await User.create({ + // data: { + // auth: { + // create: { + // identities: { + // create: { + // providerName: 'username', + // providerUserId: args.username + // providerData, + // }, + // }, + // } + // }, + // } + // }) + } catch (e) { + return { + success: false, + message: e.message, + } + } + + // Your custom code after sign-up. + // ... + + return { + success: true, + message: 'User created successfully', + } +} +``` + + + +You can use whichever method suits your needs better: either the `createUser` function or Prisma's `User.create` method. The `createUser` function is a bit more convenient to use because it hides some of the complexity. On the other hand, the `User.create` method gives you more control over the data that is stored in the `Auth` and `AuthIdentity` entities. \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/auth/overview.md b/web/versioned_docs/version-0.13.11/auth/overview.md new file mode 100644 index 0000000000..c3666b81f4 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/overview.md @@ -0,0 +1,1195 @@ +--- +title: Overview +--- + +import { AuthMethodsGrid } from "@site/src/components/AuthMethodsGrid"; +import { Required } from '@site/src/components/Tag'; +import ReadMoreAboutAuthEntities from './\_read-more-about-auth-entities.md'; + +Auth is an essential piece of any serious application. That's why Wasp provides authentication and authorization support out of the box. + +Here's a 1-minute tour of how full-stack auth works in Wasp: + +
    + +
    + +Enabling auth for your app is optional and can be done by configuring the `auth` field of your `app` declaration: + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + //... + auth: { + userEntity: User, + methods: { + usernameAndPassword: {}, // use this or email, not both + email: {}, // use this or usernameAndPassword, not both + google: {}, + gitHub: {}, + }, + onAuthFailedRedirectTo: "/someRoute" + } +} + +//... +``` + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + //... + auth: { + userEntity: User, + methods: { + usernameAndPassword: {}, // use this or email, not both + email: {}, // use this or usernameAndPassword, not both + google: {}, + gitHub: {}, + }, + onAuthFailedRedirectTo: "/someRoute" + } +} + +//... +``` + + + + + + +Read more about the `auth` field options in the [API Reference](#api-reference) section. + + + +We will provide a quick overview of auth in Wasp and link to more detailed documentation for each auth method. + +## Available auth methods + +Wasp supports the following auth methods: + + + +Let's say we enabled the [Username & password](../auth/username-and-pass) authentication. + +We get an auth backend with signup and login endpoints. We also get the `user` object in our [Operations](../data-model/operations/overview) and we can decide what to do based on whether the user is logged in or not. + +We would also get the [Auth UI](../auth/ui) generated for us. We can set up our login and signup pages where our users can **create their account** and **login**. We can then protect certain pages by setting `authRequired: true` for them. This will make sure that only logged-in users can access them. + +We will also have access to the `user` object in our frontend code, so we can show different UI to logged-in and logged-out users. For example, we can show the user's name in the header alongside a **logout button** or a login button if the user is not logged in. + +## Protecting a page with `authRequired` + +When declaring a page, you can set the `authRequired` property. + +If you set it to `true`, only authenticated users can access the page. Unauthenticated users are redirected to a route defined by the `app.auth.onAuthFailedRedirectTo` field. + + + + +```wasp title="main.wasp" +page MainPage { + component: import Main from "@src/pages/Main", + authRequired: true +} +``` + + + + +```wasp title="main.wasp" +page MainPage { + component: import Main from "@src/pages/Main", + authRequired: true +} +``` + + + + +:::caution Requires auth method +You can only use `authRequired` if your app uses one of the [available auth methods](#available-auth-methods). +::: + +If `authRequired` is set to `true`, the page's React component (specified by the `component` property) receives the `user` object as a prop. Read more about the `user` object in the [Accessing the logged-in user section](#accessing-the-logged-in-user). + +## Logout action + +We provide an action for logging out the user. Here's how you can use it: + + + + +```jsx title="src/components/LogoutButton.jsx" +import { logout } from 'wasp/client/auth' + +const LogoutButton = () => { + return +} +``` + + + + +```tsx title="src/components/LogoutButton.tsx" +import { logout } from 'wasp/client/auth' + +const LogoutButton = () => { + return +} +``` + + + + +## Accessing the logged-in user + +You can get access to the `user` object both on the server and on the client. The `user` object contains the logged-in user's data. + +The `user` object has all the fields that you defined in your `User` entity, plus the `auth` field which contains the auth identities connected to the user. For example, if the user signed up with their email, the `user` object might look something like this: + +```js +const user = { + id: "19c7d164-b5cb-4dde-a0cc-0daea77cf854", + + // Your entity's fields. + address: "My address", + // ... + + // Auth identities connected to the user. + auth: { + id: "26ab6f96-ed76-4ee5-9ac3-2fd0bf19711f", + identities: [ + { + providerName: "email", + providerUserId: "some@email.com", + providerData: { ... }, + }, + ] + }, +} +``` + + + +### On the client + +There are two ways to access the `user` object on the client: + +- the `user` prop +- the `useAuth` hook + +#### Using the `user` prop + +If the page's declaration sets `authRequired` to `true`, the page's React component receives the `user` object as a prop: + + + + +```wasp title="main.wasp" +// ... + +page AccountPage { + component: import Account from "@src/pages/Account", + authRequired: true +} +``` + +```jsx title="src/pages/Account.jsx" +import Button from './Button' +import { logout } from 'wasp/client/auth' + +const AccountPage = ({ user }) => { + return ( +
    + + {JSON.stringify(user, null, 2)} +
    + ) +} + +export default AccountPage +``` + +     + + +```wasp title="main.wasp" +// ... + +page AccountPage { + component: import Account from "@src/pages/Account", + authRequired: true +} +``` + +```tsx title="src/pages/Account.tsx" +import { type AuthUser } from 'wasp/auth' +import Button from './Button' +import { logout } from 'wasp/client/auth' + +const AccountPage = ({ user }: { user: AuthUser }) => { + return ( +
    + + {JSON.stringify(user, null, 2)} +
    + ) +} + +export default AccountPage +``` + +     +     + +#### Using the `useAuth` hook + +Wasp provides a React hook you can use in the client components - `useAuth`. + +This hook is a thin wrapper over Wasp's `useQuery` hook and returns data in the same format. + + + + +```jsx title="src/pages/MainPage.jsx" +import { useAuth, logout } from 'wasp/client/auth' +import { Link } from 'react-router-dom' +import Todo from '../Todo' + +export function Main() { + const { data: user } = useAuth() + + if (!user) { + return ( + + Please login or{' '} + sign up. + + ) + } else { + return ( + <> + + + + ) + } +} +``` + + + + +```tsx title="src/pages/MainPage.tsx" +import { useAuth, logout } from 'wasp/client/auth' +import { Link } from 'react-router-dom' +import Todo from '../Todo' + +export function Main() { + const { data: user } = useAuth() + + if (!user) { + return ( + + Please login or sign up. + + ) + } else { + return ( + <> + + + < /> + ) + } +} +``` + + + + +:::tip +Since the `user` prop is only available in a page's React component: use the `user` prop in the page's React component and the `useAuth` hook in any other React component. +::: + +### On the server + +#### Using the `context.user` object + +When authentication is enabled, all [queries and actions](../data-model/operations/overview) have access to the `user` object through the `context` argument. `context.user` contains all User entity's fields and the auth identities connected to the user. We strip out the `hashedPassword` field from the identities for security reasons. + + + + +```js title="src/actions.js" +import { HttpError } from 'wasp/server' + +export const createTask = async (task, context) => { + if (!context.user) { + throw new HttpError(403) + } + + const Task = context.entities.Task + return Task.create({ + data: { + description: task.description, + user: { + connect: { id: context.user.id }, + }, + }, + }) +} +``` + + + + +```ts title="src/actions.ts" +import { type Task } from 'wasp/entities' +import { type CreateTask } from 'wasp/server/operations' +import { HttpError } from 'wasp/server' + +type CreateTaskPayload = Pick + +export const createTask: CreateTask = async ( + args, + context +) => { + if (!context.user) { + throw new HttpError(403) + } + + const Task = context.entities.Task + return Task.create({ + data: { + description: args.description, + user: { + connect: { id: context.user.id }, + }, + }, + }) +} +``` + + + + +To implement access control in your app, each operation must check `context.user` and decide what to do. For example, if `context.user` is `undefined` inside a private operation, the user's access should be denied. + +When using WebSockets, the `user` object is also available on the `socket.data` object. Read more in the [WebSockets section](../advanced/web-sockets#websocketfn-function). + +## Sessions + +Wasp's auth uses sessions to keep track of the logged-in user. The session is stored in `localStorage` on the client and in the database on the server. Under the hood, Wasp uses the excellent [Lucia Auth v3](https://v3.lucia-auth.com/) library for session management. + +When users log in, Wasp creates a session for them and stores it in the database. The session is then sent to the client and stored in `localStorage`. When users log out, Wasp deletes the session from the database and from `localStorage`. + +## User Entity + +### Password Hashing + +If you are saving a user's password in the database, you should **never** save it as plain text. You can use Wasp's helper functions for serializing and deserializing provider data which will automatically hash the password for you: + +```wasp title="main.wasp" +// ... + +action updatePassword { + fn: import { updatePassword } from "@src/auth", +} +``` + + + + +```js title="src/auth.js" +import { + createProviderId, + findAuthIdentity, + updateAuthIdentityProviderData, + deserializeAndSanitizeProviderData, +} from 'wasp/server/auth'; + +export const updatePassword = async (args, context) => { + const providerId = createProviderId('email', args.email) + const authIdentity = await findAuthIdentity(providerId) + if (!authIdentity) { + throw new HttpError(400, "Unknown user") + } + + const providerData = deserializeAndSanitizeProviderData(authIdentity.providerData) + + // Updates the password and hashes it automatically. + await updateAuthIdentityProviderData(providerId, providerData, { + hashedPassword: args.password, + }) +} +``` + + + + +```ts title="src/auth.ts" +import { + createProviderId, + findAuthIdentity, + updateAuthIdentityProviderData, + deserializeAndSanitizeProviderData, +} from 'wasp/server/auth'; +import { type UpdatePassword } from 'wasp/server/operations' + +export const updatePassword: UpdatePassword< + { email: string; password: string }, + void, +> = async (args, context) => { + const providerId = createProviderId('email', args.email) + const authIdentity = await findAuthIdentity(providerId) + if (!authIdentity) { + throw new HttpError(400, "Unknown user") + } + + const providerData = deserializeAndSanitizeProviderData<'email'>(authIdentity.providerData) + + // Updates the password and hashes it automatically. + await updateAuthIdentityProviderData(providerId, providerData, { + hashedPassword: args.password, + }) +} +``` + + + + +### Default Validations + +When you are using the default authentication flow, Wasp validates the fields with some default validations. These validations run if you use Wasp's built-in [Auth UI](./ui) or if you use the provided auth actions. + +If you decide to create your [custom auth actions](./username-and-pass#2-creating-your-custom-sign-up-action), you'll need to run the validations yourself. + +Default validations depend on the auth method you use. + +#### Username & Password + +If you use [Username & password](./username-and-pass) authentication, the default validations are: + +- The `username` must not be empty +- The `password` must not be empty, have at least 8 characters, and contain a number + +Note that `username`s are stored in a **case-insensitive** manner. + +#### Email + +If you use [Email](./email) authentication, the default validations are: + +- The `email` must not be empty and a valid email address +- The `password` must not be empty, have at least 8 characters, and contain a number + +Note that `email`s are stored in a **case-insensitive** manner. + +## Customizing the Signup Process + +Sometimes you want to include **extra fields** in your signup process, like first name and last name and save them in the `User` entity. + +For this to happen: + +- you need to define the fields that you want saved in the database, +- you need to customize the `SignupForm` (in the case of [Email](./email) or [Username & Password](./username-and-pass) auth) + + +Other times, you might need to just add some **extra UI** elements to the form, like a checkbox for terms of service. In this case, customizing only the UI components is enough. + +Let's see how to do both. + +### 1. Defining Extra Fields + +If we want to **save** some extra fields in our signup process, we need to tell our app they exist. + +We do that by defining an object where the keys represent the field name, and the values are functions that receive the data sent from the client\* and return the value of the field. + + + +\* We exclude the `password` field from this object to prevent it from being saved as plain-text in the database. The `password` field is handled by Wasp's auth backend. + + +First, we add the `auth.methods.{authMethod}.userSignupFields` field in our `main.wasp` file. The `{authMethod}` depends on the auth method you are using. + +For example, if you are using [Username & Password](./username-and-pass), you would add the `auth.methods.usernameAndPassword.userSignupFields` field: + + + + +```wasp title="main.wasp" +app crudTesting { + // ... + auth: { + userEntity: User, + methods: { + usernameAndPassword: { + userSignupFields: import { userSignupFields } from "@src/auth/signup", + }, + }, + onAuthFailedRedirectTo: "/login", + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + address String? +psl=} +``` + +Then we'll define the `userSignupFields` object in the `src/auth/signup.js` file: + +```ts title="src/auth/signup.js" +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + address: async (data) => { + const address = data.address + if (typeof address !== 'string') { + throw new Error('Address is required') + } + if (address.length < 5) { + throw new Error('Address must be at least 5 characters long') + } + return address + }, +}) +``` + + + + +```wasp title="main.wasp" +app crudTesting { + // ... + auth: { + userEntity: User, + methods: { + usernameAndPassword: { + userSignupFields: import { userSignupFields } from "@src/auth/signup", + }, + }, + onAuthFailedRedirectTo: "/login", + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + address String? +psl=} +``` + +Then we'll define the `userSignupFields` object in the `src/auth/signup.js` file: + +```ts title="src/auth/signup.ts" +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + address: async (data) => { + const address = data.address + if (typeof address !== 'string') { + throw new Error('Address is required') + } + if (address.length < 5) { + throw new Error('Address must be at least 5 characters long') + } + return address + }, +}) +``` + + + + + + +Read more about the `userSignupFields` object in the [API Reference](#signup-fields-customization). + + +Keep in mind, that these field names need to exist on the `userEntity` you defined in your `main.wasp` file e.g. `address` needs to be a field on the `User` entity. + +The field function will receive the data sent from the client and it needs to return the value that will be saved into the database. If the field is invalid, the function should throw an error. + +:::info Using Validation Libraries + +You can use any validation library you want to validate the fields. For example, you can use `zod` like this: + +
    +Click to see the code + + + + +```js title="src/auth/signup.js" +import { defineUserSignupFields } from 'wasp/server/auth' +import * as z from 'zod' + +export const userSignupFields = defineUserSignupFields({ + address: (data) => { + const AddressSchema = z + .string({ + required_error: 'Address is required', + invalid_type_error: 'Address must be a string', + }) + .min(10, 'Address must be at least 10 characters long') + const result = AddressSchema.safeParse(data.address) + if (result.success === false) { + throw new Error(result.error.issues[0].message) + } + return result.data + }, +}) +``` + + + + +```ts title="src/auth/signup.ts" +import { defineUserSignupFields } from 'wasp/server/auth' +import * as z from 'zod' + +export const userSignupFields = defineUserSignupFields({ + address: (data) => { + const AddressSchema = z + .string({ + required_error: 'Address is required', + invalid_type_error: 'Address must be a string', + }) + .min(10, 'Address must be at least 10 characters long') + const result = AddressSchema.safeParse(data.address) + if (result.success === false) { + throw new Error(result.error.issues[0].message) + } + return result.data + }, +}) +``` + + + +
    + +::: + +Now that we defined the fields, Wasp knows how to: + +1. Validate the data sent from the client +2. Save the data to the database + +Next, let's see how to customize [Auth UI](../auth/ui) to include those fields. + +### 2. Customizing the Signup Component + +:::tip Using Custom Signup Component + +If you are not using Wasp's Auth UI, you can skip this section. Just make sure to include the extra fields in your custom signup form. + +Read more about using the signup actions for: + +- email auth [here](../auth/email#fields-in-the-email-dict) +- username & password auth [here](../auth/username-and-pass#customizing-the-auth-flow) +::: + +If you are using Wasp's Auth UI, you can customize the `SignupForm` component by passing the `additionalFields` prop to it. It can be either a list of extra fields or a render function. + +#### Using a List of Extra Fields + +When you pass in a list of extra fields to the `SignupForm`, they are added to the form one by one, in the order you pass them in. + +Inside the list, there can be either **objects** or **render functions** (you can combine them): + +1. Objects are a simple way to describe new fields you need, but a bit less flexible than render functions. +2. Render functions can be used to render any UI you want, but they require a bit more code. The render functions receive the `react-hook-form` object and the form state object as arguments. + + + + +```jsx title="src/SignupPage.jsx" +import { + SignupForm, + FormError, + FormInput, + FormItemGroup, + FormLabel, +} from 'wasp/client/auth' + +export const SignupPage = () => { + return ( + { + return ( + + Phone Number + + {form.formState.errors.phoneNumber && ( + + {form.formState.errors.phoneNumber.message} + + )} + + ) + }, + ]} + /> + ) +} +``` + + + + +```tsx title="src/SignupPage.tsx" +import { + SignupForm, + FormError, + FormInput, + FormItemGroup, + FormLabel, +} from 'wasp/client/auth' + +export const SignupPage = () => { + return ( + { + return ( + + Phone Number + + {form.formState.errors.phoneNumber && ( + + {form.formState.errors.phoneNumber.message} + + )} + + ) + }, + ]} + /> + ) +} +``` + + + + + + +Read more about the extra fields in the [API Reference](#signupform-customization). + + +#### Using a Single Render Function + +Instead of passing in a list of extra fields, you can pass in a render function which will receive the `react-hook-form` object and the form state object as arguments. What ever the render function returns, will be rendered below the default fields. + + + + +```jsx title="src/SignupPage.jsx" +import { SignupForm, FormItemGroup } from 'wasp/client/auth' + +export const SignupPage = () => { + return ( + { + const username = form.watch('username') + return ( + username && ( + + Hello there {username} πŸ‘‹ + + ) + ) + }} + /> + ) +} +``` + + + + +```tsx title="src/SignupPage.tsx" +import { SignupForm, FormItemGroup } from 'wasp/client/auth' + +export const SignupPage = () => { + return ( + { + const username = form.watch('username') + return ( + username && ( + + Hello there {username} πŸ‘‹ + + ) + ) + }} + /> + ) +} +``` + + + + + + +Read more about the render function in the [API Reference](#signupform-customization). + + +## API Reference + +### Auth Fields + + + + +```wasp title="main.wasp" + title: "My app", + //... + auth: { + userEntity: User, + methods: { + usernameAndPassword: {}, // use this or email, not both + email: {}, // use this or usernameAndPassword, not both + google: {}, + gitHub: {}, + }, + onAuthFailedRedirectTo: "/someRoute", + signup: { ... } + } +} + +//... +``` + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + //... + auth: { + userEntity: User, + methods: { + usernameAndPassword: {}, // use this or email, not both + email: {}, // use this or usernameAndPassword, not both + google: {}, + gitHub: {}, + }, + onAuthFailedRedirectTo: "/someRoute", + signup: { ... } + } +} + +//... +``` + + + + +`app.auth` is a dictionary with the following fields: + +#### `userEntity: entity` + +The entity representing the user connected to your business logic. + + + +#### `methods: dict` + +A dictionary of auth methods enabled for the app. + + + +#### `onAuthFailedRedirectTo: String` + +The route to which Wasp should redirect unauthenticated user when they try to access a private page (i.e., a page that has `authRequired: true`). +Check out these [essentials docs on auth](../tutorial/auth#adding-auth-to-the-project) to see an example of usage. + +#### `onAuthSucceededRedirectTo: String` + +The route to which Wasp will send a successfully authenticated after a successful login/signup. +The default value is `"/"`. + +:::note +Automatic redirect on successful login only works when using the Wasp-provided [Auth UI](../auth/ui). +::: + +#### `signup: SignupOptions` + +Read more about the signup process customization API in the [Signup Fields Customization](#signup-fields-customization) section. + +### Signup Fields Customization + +If you want to add extra fields to the signup process, the server needs to know how to save them to the database. You do that by defining the `auth.methods.{authMethod}.userSignupFields` field in your `main.wasp` file. + + + + +```wasp title="main.wasp" +app crudTesting { + // ... + auth: { + userEntity: User, + methods: { + usernameAndPassword: { + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/signup", + }, + }, + onAuthFailedRedirectTo: "/login", + }, +} +``` + +Then we'll export the `userSignupFields` object from the `src/auth/signup.js` file: + +```ts title="src/auth/signup.js" +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + address: async (data) => { + const address = data.address + if (typeof address !== 'string') { + throw new Error('Address is required') + } + if (address.length < 5) { + throw new Error('Address must be at least 5 characters long') + } + return address + }, +}) +``` + + + + +```wasp title="main.wasp" +app crudTesting { + // ... + auth: { + userEntity: User, + methods: { + usernameAndPassword: { + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/signup", + }, + }, + onAuthFailedRedirectTo: "/login", + }, +} +``` + +Then we'll export the `userSignupFields` object from the `src/auth/signup.ts` file: + +```ts title="src/auth/signup.ts" +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + address: async (data) => { + const address = data.address + if (typeof address !== 'string') { + throw new Error('Address is required') + } + if (address.length < 5) { + throw new Error('Address must be at least 5 characters long') + } + return address + }, +}) +``` + + + + +The `userSignupFields` object is an object where the keys represent the field name, and the values are functions that receive the data sent from the client\* and return the value of the field. + +If the value that the function received is invalid, the function should throw an error. + + + +\* We exclude the `password` field from this object to prevent it from being saved as plain text in the database. The `password` field is handled by Wasp's auth backend. + + +### `SignupForm` Customization + +To customize the `SignupForm` component, you need to pass in the `additionalFields` prop. It can be either a list of extra fields or a render function. + + + + +```jsx title="src/SignupPage.jsx" +import { + SignupForm, + FormError, + FormInput, + FormItemGroup, + FormLabel, +} from 'wasp/client/auth' + +export const SignupPage = () => { + return ( + { + return ( + + Phone Number + + {form.formState.errors.phoneNumber && ( + + {form.formState.errors.phoneNumber.message} + + )} + + ) + }, + ]} + /> + ) +} +``` + + + + +```tsx title="src/SignupPage.tsx" +import { + SignupForm, + FormError, + FormInput, + FormItemGroup, + FormLabel, +} from 'wasp/client/auth' + +export const SignupPage = () => { + return ( + { + return ( + + Phone Number + + {form.formState.errors.phoneNumber && ( + + {form.formState.errors.phoneNumber.message} + + )} + + ) + }, + ]} + /> + ) +} +``` + + + + +The extra fields can be either **objects** or **render functions** (you can combine them): + +1. Objects are a simple way to describe new fields you need, but a bit less flexible than render functions. + + The objects have the following properties: + + - `name` + - the name of the field + - `label` + + - the label of the field (used in the UI) + + - `type` + + - the type of the field, which can be `input` or `textarea` + + - `validations` + - an object with the validation rules for the field. The keys are the validation names, and the values are the validation error messages. Read more about the available validation rules in the [react-hook-form docs](https://react-hook-form.com/api/useform/register#register). + +2. Render functions receive the `react-hook-form` object and the form state as arguments, and they can use them to render arbitrary UI elements. + + The render function has the following signature: + + ```ts + ;(form: UseFormReturn, state: FormState) => React.ReactNode + ``` + + - `form` + + - the `react-hook-form` object, read more about it in the [react-hook-form docs](https://react-hook-form.com/api/useform) + - you need to use the `form.register` function to register your fields + + - `state` + + - the form state object which has the following properties: + - `isLoading: boolean` + - whether the form is currently submitting diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/SocialAuthGrid.css b/web/versioned_docs/version-0.13.11/auth/social-auth/SocialAuthGrid.css new file mode 100644 index 0000000000..8efd3b68b0 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/SocialAuthGrid.css @@ -0,0 +1,29 @@ +.social-auth-grid { + display: grid; + grid-template-columns: repeat(auto-fit, minmax(300px, 1fr)); + grid-gap: 0.5rem; + margin-bottom: 1rem; +} +.auth-method-box { + display: flex; + flex-direction: column; + justify-content: center; + border: 1px solid var(--ifm-color-emphasis-300); + border-radius: var(--ifm-pagination-nav-border-radius); + padding: 1.5rem; + transition: all 0.1s ease-in-out; +} +.auth-method-box:hover { + border-color: var(--ifm-pagination-nav-color-hover); +} +.auth-method-box h3 { + margin: 0; + color: var(--ifm-link-color); +} +.auth-method-box p { + margin: 0; + color: var(--ifm-color-secondary-contrast-foreground); +} +.social-auth-info { + color: var(--ifm-color-secondary-contrast-foreground); +} diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/SocialAuthGrid.tsx b/web/versioned_docs/version-0.13.11/auth/social-auth/SocialAuthGrid.tsx new file mode 100644 index 0000000000..4aa2217974 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/SocialAuthGrid.tsx @@ -0,0 +1,58 @@ +import React from 'react' +import Link from '@docusaurus/Link' +import './SocialAuthGrid.css' + +export function SocialAuthGrid({ + pagePart = '', // e.g. #overrides +}) { + const authMethods = [ + { + title: 'Google', + description: 'Users sign in with their Google account.', + linkToDocs: '/docs/auth/social-auth/google' + pagePart, + }, + { + title: 'Github', + description: 'Users sign in with their Github account.', + linkToDocs: '/docs/auth/social-auth/github' + pagePart, + }, + { + title: 'Keycloak', + description: 'Users sign in with their Keycloak account.', + linkToDocs: '/docs/auth/social-auth/keycloak' + pagePart, + }, + ] + return ( + <> +
    + {authMethods.map((authMethod) => ( + + ))} +
    +

    + Click on each provider for more details. +

    + + ) +} + +function AuthMethodBox({ + linkToDocs, + title, + description, +}: { + linkToDocs: string + title: string + description: string +}) { + return ( + +

    {title} Β»

    +

    {description}

    + + ) +} diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/_api-reference-intro.md b/web/versioned_docs/version-0.13.11/auth/social-auth/_api-reference-intro.md new file mode 100644 index 0000000000..f9b90f022b --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/_api-reference-intro.md @@ -0,0 +1,10 @@ +Provider-specific behavior comes down to implementing two functions. + +- `configFn` +- `userSignupFields` + +The reference shows how to define both. + +For behavior common to all providers, check the general [API Reference](../../auth/overview.md#api-reference). + + diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/_default-behaviour.md b/web/versioned_docs/version-0.13.11/auth/social-auth/_default-behaviour.md new file mode 100644 index 0000000000..a5e2462374 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/_default-behaviour.md @@ -0,0 +1,3 @@ +When a user **signs in for the first time**, Wasp creates a new user account and links it to the chosen auth provider account for future logins. + + diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/_getuserfields-type.md b/web/versioned_docs/version-0.13.11/auth/social-auth/_getuserfields-type.md new file mode 100644 index 0000000000..091473d851 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/_getuserfields-type.md @@ -0,0 +1,3 @@ +Wasp automatically generates the `defineUserSignupFields` function to help you correctly type your `userSignupFields` object. + + diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/_override-example-intro.md b/web/versioned_docs/version-0.13.11/auth/social-auth/_override-example-intro.md new file mode 100644 index 0000000000..5b89b83a92 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/_override-example-intro.md @@ -0,0 +1,10 @@ +When a user logs in using a social login provider, the backend receives some data about the user. +Wasp lets you access this data inside the `userSignupFields` getters. + +For example, the User entity can include a `displayName` field which you can set based on the details received from the provider. + +Wasp also lets you customize the configuration of the providers' settings using the `configFn` function. + +Let's use this example to show both fields in action: + + diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/_override-intro.md b/web/versioned_docs/version-0.13.11/auth/social-auth/_override-intro.md new file mode 100644 index 0000000000..ea438c6fc2 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/_override-intro.md @@ -0,0 +1,10 @@ +By default, Wasp doesn't store any information it receives from the social login provider. It only stores the user's ID specific to the provider. + +There are two mechanisms used for overriding the default behavior: + +- `userSignupFields` +- `configFn` + +Let's explore them in more detail. + + diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/_using-auth-note.md b/web/versioned_docs/version-0.13.11/auth/social-auth/_using-auth-note.md new file mode 100644 index 0000000000..7fe740be18 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/_using-auth-note.md @@ -0,0 +1,3 @@ +To read more about how to set up the logout button and get access to the logged-in user in both client and server code, read the docs on [using auth](../../auth/overview). + + diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/_wasp-file-structure-note.md b/web/versioned_docs/version-0.13.11/auth/social-auth/_wasp-file-structure-note.md new file mode 100644 index 0000000000..b30c2c2daa --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/_wasp-file-structure-note.md @@ -0,0 +1,15 @@ +Here's a skeleton of how our `main.wasp` should look like after we're done: + +```wasp title="main.wasp" +// Configuring the social authentication +app myApp { + auth: { ... } +} + +// Defining entities +entity User { ... } + +// Defining routes and pages +route LoginRoute { ... } +page LoginPage { ... } +``` diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/github.md b/web/versioned_docs/version-0.13.11/auth/social-auth/github.md new file mode 100644 index 0000000000..f1359d0890 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/github.md @@ -0,0 +1,562 @@ +--- +title: GitHub +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; +import DefaultBehaviour from './\_default-behaviour.md'; +import OverrideIntro from './\_override-intro.md'; +import OverrideExampleIntro from './\_override-example-intro.md'; +import UsingAuthNote from './\_using-auth-note.md'; +import WaspFileStructureNote from './\_wasp-file-structure-note.md'; +import GetUserFieldsType from './\_getuserfields-type.md'; +import ApiReferenceIntro from './\_api-reference-intro.md'; +import UserSignupFieldsExplainer from '../\_user-signup-fields-explainer.md'; + +Wasp supports Github Authentication out of the box. +GitHub is a great external auth choice when you're building apps for developers, as most of them already have a GitHub account. + +Letting your users log in using their GitHub accounts turns the signup process into a breeze. + +Let's walk through enabling Github Authentication, explain some of the default settings, and show how to override them. + +## Setting up Github Auth + +Enabling GitHub Authentication comes down to a series of steps: + +1. Enabling GitHub authentication in the Wasp file. +1. Adding the `User` entity. +1. Creating a GitHub OAuth app. +1. Adding the necessary Routes and Pages +1. Using Auth UI components in our Pages. + + + +### 1. Adding Github Auth to Your Wasp File + +Let's start by properly configuring the Auth object: + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // highlight-next-line + // 1. Specify the User entity (we'll define it next) + // highlight-next-line + userEntity: User, + methods: { + // highlight-next-line + // 2. Enable Github Auth + // highlight-next-line + gitHub: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // highlight-next-line + // 1. Specify the User entity (we'll define it next) + // highlight-next-line + userEntity: User, + methods: { + // highlight-next-line + // 2. Enable Github Auth + // highlight-next-line + gitHub: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +### 2. Add the User Entity + +Let's now define the `app.auth.userEntity` entity: + + + + +```wasp title="main.wasp" +// ... +// 3. Define the User entity +// highlight-next-line +entity User {=psl + id Int @id @default(autoincrement()) + // ... +psl=} +``` + + + + +```wasp title="main.wasp" +// ... +// 3. Define the User entity +// highlight-next-line +entity User {=psl + id Int @id @default(autoincrement()) + // ... +psl=} +``` + + + + +### 3. Creating a GitHub OAuth App + +To use GitHub as an authentication method, you'll first need to create a GitHub OAuth App and provide Wasp with your client key and secret. Here's how you do it: + +1. Log into your GitHub account and navigate to: https://github.com/settings/developers. +2. Select **New OAuth App**. +3. Supply required information. + +GitHub Applications Screenshot + +- For **Authorization callback URL**: + - For development, put: `http://localhost:3001/auth/github/callback`. + - Once you know on which URL your API server will be deployed, you can create a new app with that URL instead e.g. `https://your-server-url.com/auth/github/callback`. + +4. Hit **Register application**. +5. Hit **Generate a new client secret** on the next page. +6. Copy your Client ID and Client secret as you'll need them in the next step. + +### 4. Adding Environment Variables + +Add these environment variables to the `.env.server` file at the root of your project (take their values from the previous step): + +```bash title=".env.server" +GITHUB_CLIENT_ID=your-github-client-id +GITHUB_CLIENT_SECRET=your-github-client-secret +``` + +### 5. Adding the Necessary Routes and Pages + +Let's define the necessary authentication Routes and Pages. + +Add the following code to your `main.wasp` file: + + + + +```wasp title="main.wasp" +// ... + +// 6. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.jsx" +} +``` + + + + +```wasp title="main.wasp" +// ... + +// 6. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.tsx" +} +``` + + + + +We'll define the React components for these pages in the `src/pages/auth.{jsx,tsx}` file below. + +### 6. Creating the Client Pages + +:::info +We are using [Tailwind CSS](https://tailwindcss.com/) to style the pages. Read more about how to add it [here](../../project/css-frameworks). +::: + +Let's create a `auth.{jsx,tsx}` file in the `src/pages` folder and add the following to it: + + + + +```tsx title="src/pages/auth.jsx" +import { LoginForm } from 'wasp/client/auth' + +export function Login() { + return ( + + + + ) +} + +// A layout component to center the content +export function Layout({ children }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ) +} +``` + +     + + +```tsx title="src/pages/auth.tsx" +import { LoginForm } from 'wasp/client/auth' + +export function Login() { + return ( + + + + ) +} + +// A layout component to center the content +export function Layout({ children }: { children: React.ReactNode }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ) +} +``` + +     +     + +We imported the generated Auth UI components and used them in our pages. Read more about the Auth UI components [here](../../auth/ui). + +### Conclusion + +Yay, we've successfully set up Github Auth! πŸŽ‰ + +![Github Auth](/img/auth/github.png) + +Running `wasp db migrate-dev` and `wasp start` should now give you a working app with authentication. +To see how to protect specific pages (i.e., hide them from non-authenticated users), read the docs on [using auth](../../auth/overview). + +## Default Behaviour + +Add `gitHub: {}` to the `auth.methods` dictionary to use it with default settings. + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + // highlight-next-line + gitHub: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + // highlight-next-line + gitHub: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + + + +## Overrides + + + +### Data Received From GitHub + +We are using GitHub's API and its `/user` and `/user/emails` endpoints to get the user data. + +:::info We combine the data from the two endpoints + +You'll find the emails in the `emails` property in the object that you receive in `userSignupFields`. + +This is because we combine the data from the `/user` and `/user/emails` endpoints **if the `user` or `user:email` scope is requested.** + +::: + +The data we receive from GitHub on the `/user` endpoint looks something this: + +```json +{ + "login": "octocat", + "id": 1, + "name": "monalisa octocat", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + // ... +} +``` + +And the data from the `/user/emails` endpoint looks something like this: + +```json +[ + { + "email": "octocat@github.com", + "verified": true, + "primary": true, + "visibility": "public" + } +] +``` + +The fields you receive will depend on the scopes you requested. By default we don't specify any scopes. If you want to get the emails, you need to specify the `user` or `user:email` scope in the `configFn` function. + + + +For an up to date info about the data received from GitHub, please refer to the [GitHub API documentation](https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user). + + +### Using the Data Received From GitHub + + + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + gitHub: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/github.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/github.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + username String @unique + displayName String +psl=} + +// ... +``` + +```js title=src/auth/github.js +export const userSignupFields = { + username: () => "hardcoded-username", + displayName: (data) => data.profile.name, +}; + +export function getConfig() { + return { + scopes: ['user'], + }; +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + gitHub: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/github.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/github.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + username String @unique + displayName String +psl=} + +// ... +``` + +```ts title=src/auth/github.ts +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + username: () => "hardcoded-username", + displayName: (data: any) => data.profile.name, +}) + +export function getConfig() { + return { + scopes: ['user'], + } +} +``` + + + + + + +## Using Auth + + + +## API Reference + + + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + gitHub: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/github.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/github.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + gitHub: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/github.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/github.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +The `gitHub` dict has the following properties: + +- #### `configFn: ExtImport` + + This function should return an object with the scopes for the OAuth provider. + + + + + ```js title=src/auth/github.js + export function getConfig() { + return { + scopes: [], + } + } + ``` + + + + + ```ts title=src/auth/github.ts + export function getConfig() { + return { + scopes: [], + } + } + ``` + + + + +- #### `userSignupFields: ExtImport` + + + + Read more about the `userSignupFields` function [here](../overview#1-defining-extra-fields). diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/google.md b/web/versioned_docs/version-0.13.11/auth/social-auth/google.md new file mode 100644 index 0000000000..a9028eeb1c --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/google.md @@ -0,0 +1,588 @@ +--- +title: Google +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; +import DefaultBehaviour from './\_default-behaviour.md'; +import OverrideIntro from './\_override-intro.md'; +import OverrideExampleIntro from './\_override-example-intro.md'; +import UsingAuthNote from './\_using-auth-note.md'; +import WaspFileStructureNote from './\_wasp-file-structure-note.md'; +import GetUserFieldsType from './\_getuserfields-type.md'; +import ApiReferenceIntro from './\_api-reference-intro.md'; +import UserSignupFieldsExplainer from '../\_user-signup-fields-explainer.md'; + +Wasp supports Google Authentication out of the box. +Google Auth is arguably the best external auth option, as most users on the web already have Google accounts. + +Enabling it lets your users log in using their existing Google accounts, greatly simplifying the process and enhancing the user experience. + +Let's walk through enabling Google authentication, explain some of the default settings, and show how to override them. + +## Setting up Google Auth + +Enabling Google Authentication comes down to a series of steps: + +1. Enabling Google authentication in the Wasp file. +1. Adding the `User` entity. +1. Creating a Google OAuth app. +1. Adding the necessary Routes and Pages +1. Using Auth UI components in our Pages. + + + +### 1. Adding Google Auth to Your Wasp File + +Let's start by properly configuring the Auth object: + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // 1. Specify the User entity (we'll define it next) + // highlight-next-line + userEntity: User, + methods: { + // 2. Enable Google Auth + // highlight-next-line + google: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // 1. Specify the User entity (we'll define it next) + // highlight-next-line + userEntity: User, + methods: { + // 2. Enable Google Auth + // highlight-next-line + google: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +`userEntity` is explained in [the social auth overview](../../auth/social-auth/overview#social-login-entity). + +### 2. Adding the User Entity + +Let's now define the `app.auth.userEntity` entity: + + + + +```wasp title="main.wasp" +// ... +// 3. Define the User entity +// highlight-next-line +entity User {=psl + id Int @id @default(autoincrement()) + // ... +psl=} +``` + + + + +```wasp title="main.wasp" +// ... +// 3. Define the User entity +// highlight-next-line +entity User {=psl + id Int @id @default(autoincrement()) + // ... +psl=} +``` + + + + +### 3. Creating a Google OAuth App + +To use Google as an authentication method, you'll first need to create a Google project and provide Wasp with your client key and secret. Here's how you do it: + +1. Create a Google Cloud Platform account if you do not already have one: https://cloud.google.com/ +2. Create and configure a new Google project here: https://console.cloud.google.com/home/dashboard + +![Google Console Screenshot 1](/img/integrations-google-1.jpg) + +![Google Console Screenshot 2](/img/integrations-google-2.jpg) + +3. Search for **OAuth** in the top bar, click on **OAuth consent screen**. + +![Google Console Screenshot 3](/img/integrations-google-3.jpg) + +- Select what type of app you want, we will go with **External**. + + ![Google Console Screenshot 4](/img/integrations-google-4.jpg) + +- Fill out applicable information on Page 1. + + ![Google Console Screenshot 5](/img/integrations-google-5.jpg) + +- On Page 2, Scopes, you should select `userinfo.profile`. You can optionally search for other things, like `email`. + + ![Google Console Screenshot 6](/img/integrations-google-6.jpg) + + ![Google Console Screenshot 7](/img/integrations-google-7.jpg) + + ![Google Console Screenshot 8](/img/integrations-google-8.jpg) + +- Add any test users you want on Page 3. + + ![Google Console Screenshot 9](/img/integrations-google-9.jpg) + +4. Next, click **Credentials**. + +![Google Console Screenshot 10](/img/integrations-google-10.jpg) + +- Select **Create Credentials**. +- Select **OAuth client ID**. + + ![Google Console Screenshot 11](/img/integrations-google-11.jpg) + +- Complete the form + + ![Google Console Screenshot 12](/img/integrations-google-12.jpg) + +- Under Authorized redirect URIs, put in: `http://localhost:3001/auth/google/callback` + + ![Google Console Screenshot 13](/img/integrations-google-13.jpg) + + - Once you know on which URL(s) your API server will be deployed, also add those URL(s). + - For example: `https://your-server-url.com/auth/google/callback` + +- When you save, you can click the Edit icon and your credentials will be shown. + + ![Google Console Screenshot 14](/img/integrations-google-14.jpg) + +5. Copy your Client ID and Client secret as you will need them in the next step. + +### 4. Adding Environment Variables + +Add these environment variables to the `.env.server` file at the root of your project (take their values from the previous step): + +```bash title=".env.server" +GOOGLE_CLIENT_ID=your-google-client-id +GOOGLE_CLIENT_SECRET=your-google-client-secret +``` + +### 5. Adding the Necessary Routes and Pages + +Let's define the necessary authentication Routes and Pages. + +Add the following code to your `main.wasp` file: + + + + +```wasp title="main.wasp" +// ... + +// 6. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.jsx" +} +``` + + + + +```wasp title="main.wasp" +// ... + +// 6. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.tsx" +} +``` + + + + +We'll define the React components for these pages in the `src/pages/auth.{jsx,tsx}` file below. + +### 6. Create the Client Pages + +:::info +We are using [Tailwind CSS](https://tailwindcss.com/) to style the pages. Read more about how to add it [here](../../project/css-frameworks). +::: + +Let's now create a `auth.{jsx,tsx}` file in the `src/pages`. +It should have the following code: + + + + +```tsx title="src/pages/auth.jsx" +import { LoginForm } from 'wasp/client/auth' + +export function Login() { + return ( + + + + ) +} + +// A layout component to center the content +export function Layout({ children }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ) +} +``` + +     + + +```tsx title="src/pages/auth.tsx" +import { LoginForm } from 'wasp/client/auth' + +export function Login() { + return ( + + + + ) +} + +// A layout component to center the content +export function Layout({ children }: { children: React.ReactNode }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ) +} +``` + +     +     + +:::info Auth UI +Our pages use an automatically-generated Auth UI component. Read more about Auth UI components [here](../../auth/ui). +::: + +### Conclusion + +Yay, we've successfully set up Google Auth! πŸŽ‰ + +![Google Auth](/img/auth/google.png) + +Running `wasp db migrate-dev` and `wasp start` should now give you a working app with authentication. +To see how to protect specific pages (i.e., hide them from non-authenticated users), read the docs on [using auth](../../auth/overview). + +## Default Behaviour + +Add `google: {}` to the `auth.methods` dictionary to use it with default settings: + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + // highlight-next-line + google: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + // highlight-next-line + google: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + + + +## Overrides + + + +### Data Received From Google + +We are using Google's API and its `/userinfo` endpoint to fetch the user's data. + +The data received from Google is an object which can contain the following fields: + +```json +[ + "name", + "given_name", + "family_name", + "email", + "email_verified", + "aud", + "exp", + "iat", + "iss", + "locale", + "picture", + "sub" +] +``` + +The fields you receive depend on the scopes you request. The default scope is set to `profile` only. If you want to get the user's email, you need to specify the `email` scope in the `configFn` function. + + + +For an up to date info about the data received from Google, please refer to the [Google API documentation](https://developers.google.com/identity/openid-connect/openid-connect#an-id-tokens-payload). + + +### Using the Data Received From Google + + + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + google: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/google.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/google.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + username String @unique + displayName String +psl=} + +// ... +``` + +```js title=src/auth/google.js +export const userSignupFields = { + username: () => "hardcoded-username", + displayName: (data) => data.profile.name, +} + +export function getConfig() { + return { + scopes: ['profile', 'email'], + } +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + google: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/google.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/google.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + username String @unique + displayName String +psl=} + +// ... +``` + +```ts title=src/auth/google.ts +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + username: () => "hardcoded-username", + displayName: (data: any) => data.profile.name, +}) + +export function getConfig() { + return { + scopes: ['profile', 'email'], + } +} +``` + + + + + + +## Using Auth + + + +## API Reference + + + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + google: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/google.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/google.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + google: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/google.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/google.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +The `google` dict has the following properties: + +- #### `configFn: ExtImport` + + This function must return an object with the scopes for the OAuth provider. + + + + + ```js title=src/auth/google.js + export function getConfig() { + return { + scopes: ['profile', 'email'], + } + } + ``` + + + + + ```ts title=src/auth/google.ts + export function getConfig() { + return { + scopes: ['profile', 'email'], + } + } + ``` + + + + +- #### `userSignupFields: ExtImport` + + + + Read more about the `userSignupFields` function [here](../overview#1-defining-extra-fields). diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/keycloak.md b/web/versioned_docs/version-0.13.11/auth/social-auth/keycloak.md new file mode 100644 index 0000000000..c1843c9034 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/keycloak.md @@ -0,0 +1,547 @@ +--- +title: Keycloak +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; +import DefaultBehaviour from './\_default-behaviour.md'; +import OverrideIntro from './\_override-intro.md'; +import OverrideExampleIntro from './\_override-example-intro.md'; +import UsingAuthNote from './\_using-auth-note.md'; +import WaspFileStructureNote from './\_wasp-file-structure-note.md'; +import GetUserFieldsType from './\_getuserfields-type.md'; +import ApiReferenceIntro from './\_api-reference-intro.md'; +import UserSignupFieldsExplainer from '../\_user-signup-fields-explainer.md'; + +Wasp supports Keycloak Authentication out of the box. + +[Keycloak](https://www.keycloak.org/) is an open-source identity and access management solution for modern applications and services. Keycloak provides both SAML and OpenID protocol solutions. It also has a very flexible and powerful administration UI. + +Let's walk through enabling Keycloak authentication, explain some of the default settings, and show how to override them. + +## Setting up Keycloak Auth + +Enabling Keycloak Authentication comes down to a series of steps: + +1. Enabling Keycloak authentication in the Wasp file. +1. Adding the `User` entity. +1. Creating a Keycloak client. +1. Adding the necessary Routes and Pages +1. Using Auth UI components in our Pages. + + + +### 1. Adding Keycloak Auth to Your Wasp File + +Let's start by properly configuring the Auth object: + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // 1. Specify the User entity (we'll define it next) + // highlight-next-line + userEntity: User, + methods: { + // 2. Enable Keycloak Auth + // highlight-next-line + keycloak: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // 1. Specify the User entity (we'll define it next) + // highlight-next-line + userEntity: User, + methods: { + // 2. Enable Keycloak Auth + // highlight-next-line + keycloak: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +The `userEntity` is explained in [the social auth overview](../../auth/social-auth/overview#social-login-entity). + +### 2. Adding the User Entity + +Let's now define the `app.auth.userEntity` entity: + + + + +```wasp title="main.wasp" +// ... +// 3. Define the User entity +// highlight-next-line +entity User {=psl + id Int @id @default(autoincrement()) + // ... +psl=} +``` + + + + +```wasp title="main.wasp" +// ... +// 3. Define the User entity +// highlight-next-line +entity User {=psl + id Int @id @default(autoincrement()) + // ... +psl=} +``` + + + + +### 3. Creating a Keycloak Client + +1. Log into your Keycloak admin console. +1. Under **Clients**, click on **Create Client**. + + ![Keycloak Screenshot 1](/img/auth/keycloak/1-keycloak.png) + +1. Fill in the **Client ID** and choose a name for the client. + + ![Keycloak Screenshot 2](/img/auth/keycloak/2-keycloak.png) + +1. In the next step, enable **Client Authentication**. + + ![Keycloak Screenshot 3](/img/auth/keycloak/3-keycloak.png) + +1. Under **Valid Redirect URIs**, add `http://localhost:3001/auth/keycloak/callback` for local development. + + ![Keycloak Screenshot 4](/img/auth/keycloak/4-keycloak.png) + + - Once you know on which URL(s) your API server will be deployed, also add those URL(s). + - For example: `https://my-server-url.com/auth/keycloak/callback`. + +1. Click **Save**. +1. In the **Credentials** tab, copy the **Client Secret** value, which we'll use in the next step. + + ![Keycloak Screenshot 5](/img/auth/keycloak/5-keycloak.png) + +### 4. Adding Environment Variables + +Add these environment variables to the `.env.server` file at the root of your project (take their values from the previous step): + +```bash title=".env.server" +KEYCLOAK_CLIENT_ID=your-keycloak-client-id +KEYCLOAK_CLIENT_SECRET=your-keycloak-client-secret +KEYCLOAK_REALM_URL=https://your-keycloak-url.com/realms/master +``` + +We assumed in the `KEYCLOAK_REALM_URL` env variable that you are using the `master` realm. If you are using a different realm, replace `master` with your realm name. + +### 5. Adding the Necessary Routes and Pages + +Let's define the necessary authentication Routes and Pages. + +Add the following code to your `main.wasp` file: + + + + +```wasp title="main.wasp" +// ... + +// 6. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.jsx" +} +``` + + + + +```wasp title="main.wasp" +// ... + +// 6. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.tsx" +} +``` + + + + +We'll define the React components for these pages in the `src/pages/auth.{jsx,tsx}` file below. + +### 6. Create the Client Pages + +:::info +We are using [Tailwind CSS](https://tailwindcss.com/) to style the pages. Read more about how to add it [here](../../project/css-frameworks). +::: + +Let's now create an `auth.{jsx,tsx}` file in the `src/pages`. +It should have the following code: + + + + +```tsx title="src/pages/auth.jsx" +import { LoginForm } from 'wasp/client/auth' + +export function Login() { + return ( + + + + ) +} + +// A layout component to center the content +export function Layout({ children }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ) +} +``` + +     + + +```tsx title="src/pages/auth.tsx" +import { LoginForm } from 'wasp/client/auth' + +export function Login() { + return ( + + + + ) +} + +// A layout component to center the content +export function Layout({ children }: { children: React.ReactNode }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ) +} +``` + +     +     + +:::info Auth UI +Our pages use an automatically generated Auth UI component. Read more about Auth UI components [here](../../auth/ui). +::: + +### Conclusion + +Yay, we've successfully set up Keycloak Auth! + +Running `wasp db migrate-dev` and `wasp start` should now give you a working app with authentication. +To see how to protect specific pages (i.e., hide them from non-authenticated users), read the docs on [using auth](../../auth/overview). + +## Default Behaviour + +Add `keycloak: {}` to the `auth.methods` dictionary to use it with default settings: + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + // highlight-next-line + keycloak: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + // highlight-next-line + keycloak: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + + + +## Overrides + + + +### Data Received From Keycloak + +We are using Keycloak's API and its `/userinfo` endpoint to fetch the user's data. + +```ts title="Keycloak user data" +{ + sub: '5adba8fc-3ea6-445a-a379-13f0bb0b6969', + email_verified: true, + name: 'Test User', + preferred_username: 'test', + given_name: 'Test', + family_name: 'User', + email: 'test@example.com' +} +``` + +The fields you receive will depend on the scopes you requested. The default scope is set to `profile` only. If you want to get the user's email, you need to specify the `email` scope in the `configFn` function. + + + +For up-to-date info about the data received from Keycloak, please refer to the [Keycloak API documentation](https://www.keycloak.org/docs-api/23.0.7/javadocs/org/keycloak/representations/UserInfo.html). + + +### Using the Data Received From Keycloak + + + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + keycloak: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/keycloak.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/keycloak.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + username String @unique + displayName String +psl=} + +// ... +``` + +```js title=src/auth/keycloak.js +export const userSignupFields = { + username: () => "hardcoded-username", + displayName: (data) => data.profile.name, +} + +export function getConfig() { + return { + scopes: ['profile', 'email'], + } +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + keycloak: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/keycloak.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/keycloak.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + username String @unique + displayName String +psl=} + +// ... +``` + +```ts title=src/auth/keycloak.ts +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + username: () => "hardcoded-username", + displayName: (data: any) => data.profile.name, +}) + +export function getConfig() { + return { + scopes: ['profile', 'email'], + } +} +``` + + + + + + +## Using Auth + + + +## API Reference + + + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + keycloak: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/keycloak.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/keycloak.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + keycloak: { + // highlight-next-line + configFn: import { getConfig } from "@src/auth/keycloak.js", + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/keycloak.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} +``` + + + + +The `keycloak` dict has the following properties: + +- #### `configFn: ExtImport` + + This function must return an object with the scopes for the OAuth provider. + + + + + ```js title=src/auth/keycloak.js + export function getConfig() { + return { + scopes: ['profile', 'email'], + } + } + ``` + + + + + ```ts title=src/auth/keycloak.ts + export function getConfig() { + return { + scopes: ['profile', 'email'], + } + } + ``` + + + + +- #### `userSignupFields: ExtImport` + + + + Read more about the `userSignupFields` function [here](../overview#1-defining-extra-fields). \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/auth/social-auth/overview.md b/web/versioned_docs/version-0.13.11/auth/social-auth/overview.md new file mode 100644 index 0000000000..c3c046e53d --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/social-auth/overview.md @@ -0,0 +1,355 @@ +--- +title: Overview +--- + +import { SocialAuthGrid } from './SocialAuthGrid'; +import DefaultBehaviour from './\_default-behaviour.md'; +import OverrideIntro from './\_override-intro.md'; +import GetUserFieldsType from './\_getuserfields-type.md'; + +Social login options (e.g., _Log in with Google_) are a great (maybe even the best) solution for handling user accounts. +A famous old developer joke tells us _"The best auth system is the one you never have to make."_ + +Wasp wants to make adding social login options to your app as painless as possible. + +Using different social providers gives users a chance to sign into your app via their existing accounts on other platforms (Google, GitHub, etc.). + +This page goes through the common behaviors between all supported social login providers and shows you how to customize them. +It also gives an overview of Wasp's UI helpers - the quickest possible way to get started with social auth. + +## Available Providers + +Wasp currently supports the following social login providers: + + + +## User Entity + +Wasp requires you to declare a `userEntity` for all `auth` methods (social or otherwise). +This field tells Wasp which Entity represents the user. + +Here's what the full setup looks like: + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // highlight-next-line + userEntity: User, + methods: { + google: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} + +// highlight-next-line +entity User {=psl + id Int @id @default(autoincrement()) + //... +psl=} +``` + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // highlight-next-line + userEntity: User, + methods: { + google: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} + +// highlight-next-line +entity User {=psl + id Int @id @default(autoincrement()) + //... +psl=} +``` + + + + + + +To learn more about what the fields on these entities represent, look at the [API Reference](#api-reference). + + + +## Default Behavior + + + +## Overrides + +By default, Wasp doesn't store any information it receives from the social login provider. It only stores the user's ID specific to the provider. + +If you wish to store more information about the user, you can override the default behavior. You can do this by defining the `userSignupFields` and `configFn` fields in `main.wasp` for each provider. + +You can create custom signup setups, such as allowing users to define a custom username after they sign up with a social provider. + +### Example: Allowing User to Set Their Username + +If you want to modify the signup flow (e.g., let users choose their own usernames), you will need to go through three steps: + +1. The first step is adding a `isSignupComplete` property to your `User` Entity. This field will signal whether the user has completed the signup process. +2. The second step is overriding the default signup behavior. +3. The third step is implementing the rest of your signup flow and redirecting users where appropriate. + +Let's go through both steps in more detail. + +#### 1. Adding the `isSignupComplete` Field to the `User` Entity + + + + +```wasp title=main.wasp +entity User {=psl + id Int @id @default(autoincrement()) + username String? @unique + // highlight-next-line + isSignupComplete Boolean @default(false) +psl=} +``` + + + + +```wasp title=main.wasp +entity User {=psl + id Int @id @default(autoincrement()) + username String? @unique + // highlight-next-line + isSignupComplete Boolean @default(false) +psl=} +``` + + + + +#### 2. Overriding the Default Behavior + +Declare an import under `app.auth.methods.google.userSignupFields` (the example assumes you're using Google): + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + google: { + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/google.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} + +// ... +``` + +And implement the imported function. + +```js title=src/auth/google.js +export const userSignupFields = { + isSignupComplete: () => false, +} +``` + + + + +```wasp title=main.wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + google: { + // highlight-next-line + userSignupFields: import { userSignupFields } from "@src/auth/google.js" + } + }, + onAuthFailedRedirectTo: "/login" + }, +} + +// ... +``` + +And implement the imported function: + +```ts title=src/auth/google.ts +import { defineUserSignupFields } from 'wasp/server/auth' + +export const userSignupFields = defineUserSignupFields({ + isSignupComplete: () => false, +}) +``` + + + + + + +#### 3. Showing the Correct State on the Client + +You can query the user's `isSignupComplete` flag on the client with the [`useAuth()`](../../auth/overview) hook. +Depending on the flag's value, you can redirect users to the appropriate signup step. + +For example: + +1. When the user lands on the homepage, check the value of `user.isSignupComplete`. +2. If it's `false`, it means the user has started the signup process but hasn't yet chosen their username. Therefore, you can redirect them to `EditUserDetailsPage` where they can edit the `username` property. + + + + +```jsx title=src/HomePage.jsx +import { useAuth } from 'wasp/client/auth' +import { Redirect } from 'react-router-dom' + +export function HomePage() { + const { data: user } = useAuth() + + if (user.isSignupComplete === false) { + return + } + + // ... +} +``` + + + + +```tsx title=src/HomePage.tsx +import { useAuth } from 'wasp/client/auth' +import { Redirect } from 'react-router-dom' + +export function HomePage() { + const { data: user } = useAuth() + + if (user.isSignupComplete === false) { + return + } + + // ... +} +``` + +The same general principle applies to more complex signup procedures, just change the boolean `isSignupComplete` property to a property like `currentSignupStep` that can hold more values. + + + + +### Using the User's Provider Account Details + +Account details are provider-specific. +Each provider has their own rules for defining the `userSignupFields` and `configFn` fields: + + + +## UI Helpers + +:::tip Use Auth UI +[Auth UI](../../auth/ui) is a common name for all high-level auth forms that come with Wasp. + +These include fully functional auto-generated login and signup forms with working social login buttons. +If you're looking for the fastest way to get your auth up and running, that's where you should look. + +The UI helpers described below are lower-level and are useful for creating your custom forms. +::: + +Wasp provides sign-in buttons and URLs for each of the supported social login providers. + + + + +```jsx title=src/LoginPage.jsx +import { + GoogleSignInButton, + googleSignInUrl, + GitHubSignInButton, + gitHubSignInUrl, +} from 'wasp/client/auth' + +export const LoginPage = () => { + return ( + <> + + + {/* or */} + Sign in with Google + Sign in with GitHub + + ) +} +``` + + + + +```tsx title=src/LoginPage.tsx +import { + GoogleSignInButton, + googleSignInUrl, + GitHubSignInButton, + gitHubSignInUrl, +} from 'wasp/client/auth' + +export const LoginPage = () => { + return ( + <> + + + {/* or */} + Sign in with Google + Sign in with GitHub + + ) +} +``` + + + + +If you need even more customization, you can create your custom components using `signInUrl`s. + +## API Reference + +### Fields in the `app.auth` Dictionary and Overrides + +For more information on: + +- Allowed fields in `app.auth` +- `userSignupFields` and `configFn` functions + +Check the provider-specific API References: + + \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/auth/ui.md b/web/versioned_docs/version-0.13.11/auth/ui.md new file mode 100644 index 0000000000..68ddd91874 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/ui.md @@ -0,0 +1,616 @@ +--- +title: Auth UI +--- + +import { EmailPill, UsernameAndPasswordPill, GithubPill, GooglePill, KeycloakPill } from "./Pills"; + +To make using authentication in your app as easy as possible, Wasp generates the server-side code but also the client-side UI for you. It enables you to quickly get the login, signup, password reset and email verification flows in your app. + +Below we cover all of the available UI components and how to use them. + +![Auth UI](/img/authui/all_screens.gif) + +## Overview + +After Wasp generates the UI components for your auth, you can use it as is, or customize it to your liking. + +Based on the authentication providers you enabled in your `main.wasp` file, the Auth UI will show the corresponding UI (form and buttons). For example, if you enabled e-mail authentication: + + + + +```wasp {5} title="main.wasp" +app MyApp { + //... + auth: { + methods: { + email: {}, + }, + // ... + } +} +``` + + + + +```wasp {5} title="main.wasp" +app MyApp { + //... + auth: { + methods: { + email: {}, + }, + // ... + } +} +``` + + + + +You'll get the following UI: + +![Auth UI](/img/authui/login.png) + +And then if you enable Google and Github: + + + + +```wasp title="main.wasp" {6-7} +app MyApp { + //... + auth: { + methods: { + email: {}, + google: {}, + github: {}, + }, + // ... + } +} +``` + + + + +```wasp title="main.wasp" {6-7} +app MyApp { + //... + auth: { + methods: { + email: {}, + google: {}, + github: {}, + }, + // ... + } +} +``` + + + + +The form will automatically update to look like this: + +![Auth UI](/img/authui/multiple_providers.png) + +Let's go through all of the available components and how to use them. + +## Auth Components + +The following components are available for you to use in your app: + +- [Login form](#login-form) +- [Signup form](#signup-form) +- [Forgot password form](#forgot-password-form) +- [Reset password form](#reset-password-form) +- [Verify email form](#verify-email-form) + +### Login Form + +Used with , , , and authentication. + +![Login form](/img/authui/login.png) + +You can use the `LoginForm` component to build your login page: + + + + +```wasp title="main.wasp" +// ... + +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { LoginPage } from "@src/LoginPage.jsx" +} +``` + +```tsx title="src/LoginPage.jsx" +import { LoginForm } from 'wasp/client/auth' + +// Use it like this +export function LoginPage() { + return +} +``` + + + + +```wasp title="main.wasp" +// ... + +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { LoginPage } from "@src/LoginPage.tsx" +} +``` + +```tsx title="src/LoginPage.tsx" +import { LoginForm } from 'wasp/client/auth' + +// Use it like this +export function LoginPage() { + return +} +``` + + + + +It will automatically show the correct authentication providers based on your `main.wasp` file. + +### Signup Form + +Used with , , , and authentication. + +![Signup form](/img/authui/signup.png) + +You can use the `SignupForm` component to build your signup page: + + + + +```wasp title="main.wasp" +// ... + +route SignupRoute { path: "/signup", to: SignupPage } +page SignupPage { + component: import { SignupPage } from "@src/SignupPage.jsx" +} +``` + +```tsx title="src/SignupPage.jsx" +import { SignupForm } from 'wasp/client/auth' + +// Use it like this +export function SignupPage() { + return +} +``` + + + + +```wasp title="main.wasp" +// ... + +route SignupRoute { path: "/signup", to: SignupPage } +page SignupPage { + component: import { SignupPage } from "@src/SignupPage.tsx" +} +``` + +```tsx title="src/SignupPage.tsx" +import { SignupForm } from 'wasp/client/auth' + +// Use it like this +export function SignupPage() { + return +} +``` + + + + +It will automatically show the correct authentication providers based on your `main.wasp` file. + +Read more about customizing the signup process like adding additional fields or extra UI in the [Auth Overview](../auth/overview#customizing-the-signup-process) section. + +### Forgot Password Form + +Used with authentication. + +If users forget their password, they can use this form to reset it. + +![Forgot password form](/img/authui/forgot_password.png) + +You can use the `ForgotPasswordForm` component to build your own forgot password page: + + + + +```wasp title="main.wasp" +// ... + +route RequestPasswordResetRoute { path: "/request-password-reset", to: RequestPasswordResetPage } +page RequestPasswordResetPage { + component: import { ForgotPasswordPage } from "@src/ForgotPasswordPage.jsx" +} +``` + +```tsx title="src/ForgotPasswordPage.jsx" +import { ForgotPasswordForm } from 'wasp/client/auth' + +// Use it like this +export function ForgotPasswordPage() { + return +} +``` + + + + +```wasp title="main.wasp" +// ... + +route RequestPasswordResetRoute { path: "/request-password-reset", to: RequestPasswordResetPage } +page RequestPasswordResetPage { + component: import { ForgotPasswordPage } from "@src/ForgotPasswordPage.tsx" +} +``` + +```tsx title="src/ForgotPasswordPage.tsx" +import { ForgotPasswordForm } from 'wasp/client/auth' + +// Use it like this +export function ForgotPasswordPage() { + return +} +``` + + + + +### Reset Password Form + +Used with authentication. + +After users click on the link in the email they receive after submitting the forgot password form, they will be redirected to this form where they can reset their password. + +![Reset password form](/img/authui/reset_password.png) + +You can use the `ResetPasswordForm` component to build your reset password page: + + + + +```wasp title="main.wasp" +// ... + +route PasswordResetRoute { path: "/password-reset", to: PasswordResetPage } +page PasswordResetPage { + component: import { ResetPasswordPage } from "@src/ResetPasswordPage.jsx" +} +``` + +```tsx title="src/ResetPasswordPage.jsx" +import { ResetPasswordForm } from 'wasp/client/auth' + +// Use it like this +export function ResetPasswordPage() { + return +} +``` + + + + +```wasp title="main.wasp" +// ... + +route PasswordResetRoute { path: "/password-reset", to: PasswordResetPage } +page PasswordResetPage { + component: import { ResetPasswordPage } from "@src/ResetPasswordPage.tsx" +} +``` + +```tsx title="src/ResetPasswordPage.tsx" +import { ResetPasswordForm } from 'wasp/client/auth' + +// Use it like this +export function ResetPasswordPage() { + return +} +``` + + + + +### Verify Email Form + +Used with authentication. + +After users sign up, they will receive an email with a link to this form where they can verify their email. + +![Verify email form](/img/authui/email_verification.png) + +You can use the `VerifyEmailForm` component to build your email verification page: + + + + +```wasp title="main.wasp" +// ... + +route EmailVerificationRoute { path: "/email-verification", to: EmailVerificationPage } +page EmailVerificationPage { + component: import { VerifyEmailPage } from "@src/VerifyEmailPage.jsx" +} +``` + +```tsx title="src/VerifyEmailPage.jsx" +import { VerifyEmailForm } from 'wasp/client/auth' + +// Use it like this +export function VerifyEmailPage() { + return +} +``` + + + + +```wasp title="main.wasp" +// ... + +route EmailVerificationRoute { path: "/email-verification", to: EmailVerificationPage } +page EmailVerificationPage { + component: import { VerifyEmailPage } from "@src/VerifyEmailPage.tsx" +} +``` + +```tsx title="src/VerifyEmailPage.tsx" +import { VerifyEmailForm } from 'wasp/client/auth' + +// Use it like this +export function VerifyEmailPage() { + return +} +``` + + + + +## Customization πŸ’…πŸ» + +You customize all of the available forms by passing props to them. + +Props you can pass to all of the forms: + +1. `appearance` - customize the form colors (via design tokens) +2. `logo` - path to your logo +3. `socialLayout` - layout of the social buttons, which can be `vertical` or `horizontal` + +### 1. Customizing the Colors + +We use [Stitches](https://stitches.dev/) to style the Auth UI. You can customize the styles by overriding the default theme tokens. + +:::info List of all available tokens + +See the [list of all available tokens](https://github.com/wasp-lang/wasp/blob/release/waspc/data/Generator/templates/react-app/src/stitches.config.js) which you can override. + +::: + + + + +```js title="src/appearance.js" +export const authAppearance = { + colors: { + brand: '#5969b8', // blue + brandAccent: '#de5998', // pink + submitButtonText: 'white', + }, +} +``` + +```jsx title="src/LoginPage.jsx" +import { LoginForm } from 'wasp/client/auth' +import { authAppearance } from './appearance' + +export function LoginPage() { + return ( + + ) +} +``` + + + + +```ts title="src/appearance.ts" +import type { CustomizationOptions } from 'wasp/client/auth' + +export const authAppearance: CustomizationOptions['appearance'] = { + colors: { + brand: '#5969b8', // blue + brandAccent: '#de5998', // pink + submitButtonText: 'white', + }, +} +``` + +```tsx title="src/LoginPage.tsx" +import { LoginForm } from 'wasp/client/auth' +import { authAppearance } from './appearance' + +export function LoginPage() { + return ( + + ) +} +``` + + + + +We recommend defining your appearance in a separate file and importing it into your components. + +### 2. Using Your Logo + +You can add your logo to the Auth UI by passing the `logo` prop to any of the components. + + + + +```tsx title="src/LoginPage.jsx" +import { LoginForm } from 'wasp/client/auth' +import Logo from './logo.png' + +export function LoginPage() { + return ( + + ) +} +``` + + + + +```tsx title="src/LoginPage.tsx" +import { LoginForm } from 'wasp/client/auth' +import Logo from './logo.png' + +export function LoginPage() { + return ( + + ) +} +``` + + + + +### 3. Social Buttons Layout + +You can change the layout of the social buttons by passing the `socialLayout` prop to any of the components. It can be either `vertical` or `horizontal` (default). + +If we pass in `vertical`: + + + + +```tsx title="src/LoginPage.jsx" +import { LoginForm } from 'wasp/client/auth' + +export function LoginPage() { + return ( + + ) +} +``` + + + + +```tsx title="src/LoginPage.tsx" +import { LoginForm } from 'wasp/client/auth' + +export function LoginPage() { + return ( + + ) +} +``` + + + + +We get this: + +![Vertical social buttons](/img/authui/vertical_social_buttons.png) + +### Let's Put Everything Together πŸͺ„ + +If we provide the logo and custom colors: + + + + +```ts title="src/appearance.js" +export const appearance = { + colors: { + brand: '#5969b8', // blue + brandAccent: '#de5998', // pink + submitButtonText: 'white', + }, +} +``` + +```tsx title="src/LoginPage.jsx" +import { LoginForm } from 'wasp/client/auth' + +import { authAppearance } from './appearance' +import todoLogo from './todoLogo.png' + +export function LoginPage() { + return +} +``` + + + + +```ts title="src/appearance.ts" +import type { CustomizationOptions } from 'wasp/client/auth' + +export const appearance: CustomizationOptions['appearance'] = { + colors: { + brand: '#5969b8', // blue + brandAccent: '#de5998', // pink + submitButtonText: 'white', + }, +} +``` + +```tsx title="src/LoginPage.tsx" +import { LoginForm } from 'wasp/client/auth' + +import { authAppearance } from './appearance' +import todoLogo from './todoLogo.png' + +export function LoginPage() { + return +} +``` + + + + +We get a form looking like this: + +
    + Custom login form +
    diff --git a/web/versioned_docs/version-0.13.11/auth/username-and-pass.md b/web/versioned_docs/version-0.13.11/auth/username-and-pass.md new file mode 100644 index 0000000000..1f6c5aff26 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/auth/username-and-pass.md @@ -0,0 +1,723 @@ +--- +title: Username & Password +--- + +import { Required } from '@site/src/components/Tag'; +import MultipleIdentitiesWarning from './\_multiple-identities-warning.md'; +import ReadMoreAboutAuthEntities from './\_read-more-about-auth-entities.md'; +import GetUsername from './entities/\_get-username.md'; +import UserSignupFieldsExplainer from './\_user-signup-fields-explainer.md'; +import UserFieldsExplainer from './\_user-fields.md'; + +Wasp supports username & password authentication out of the box with login and signup flows. It provides you with the server-side implementation and the UI components for the client-side. + +## Setting Up Username & Password Authentication + +To set up username authentication we need to: +1. Enable username authentication in the Wasp file +1. Add the `User` entity +1. Add the auth routes and pages +1. Use Auth UI components in our pages + +Structure of the `main.wasp` file we will end up with: + +```wasp title="main.wasp" +// Configuring e-mail authentication +app myApp { + auth: { ... } +} +// Defining User entity +entity User { ... } +// Defining routes and pages +route SignupRoute { ... } +page SignupPage { ... } +// ... +``` + +### 1. Enable Username Authentication + +Let's start with adding the following to our `main.wasp` file: + + + + +```wasp title="main.wasp" {11} +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // 1. Specify the user entity (we'll define it next) + userEntity: User, + methods: { + // 2. Enable username authentication + usernameAndPassword: {}, + }, + onAuthFailedRedirectTo: "/login" + } +} +``` + + + +```wasp title="main.wasp" {11} +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + // 1. Specify the user entity (we'll define it next) + userEntity: User, + methods: { + // 2. Enable username authentication + usernameAndPassword: {}, + }, + onAuthFailedRedirectTo: "/login" + } +} +``` + + + +Read more about the `usernameAndPassword` auth method options [here](#fields-in-the-usernameandpassword-dict). + +### 2. Add the User Entity + +The `User` entity can be as simple as including only the `id` field: + + + + +```wasp title="main.wasp" +// 3. Define the user entity +entity User {=psl + // highlight-next-line + id Int @id @default(autoincrement()) + // Add your own fields below + // ... +psl=} +``` + + + +```wasp title="main.wasp" +// 3. Define the user entity +entity User {=psl + // highlight-next-line + id Int @id @default(autoincrement()) + // Add your own fields below + // ... +psl=} +``` + + + + + +### 3. Add the Routes and Pages + +Next, we need to define the routes and pages for the authentication pages. + +Add the following to the `main.wasp` file: + + + + +```wasp title="main.wasp" +// ... +// 4. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.jsx" +} +route SignupRoute { path: "/signup", to: SignupPage } +page SignupPage { + component: import { Signup } from "@src/pages/auth.jsx" +} +``` + + + +```wasp title="main.wasp" +// ... +// 4. Define the routes +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { Login } from "@src/pages/auth.tsx" +} +route SignupRoute { path: "/signup", to: SignupPage } +page SignupPage { + component: import { Signup } from "@src/pages/auth.tsx" +} +``` + + + +We'll define the React components for these pages in the `src/pages/auth.{jsx,tsx}` file below. + +### 4. Create the Client Pages + +:::info +We are using [Tailwind CSS](https://tailwindcss.com/) to style the pages. Read more about how to add it [here](../project/css-frameworks). +::: + +Let's create a `auth.{jsx,tsx}` file in the `src/pages` folder and add the following to it: + + + + +```tsx title="src/pages/auth.jsx" +import { LoginForm, SignupForm } from 'wasp/client/auth' +import { Link } from 'react-router-dom' + +export function Login() { + return ( + + +
    + + Don't have an account yet? go to signup. + +     + ); +} + +export function Signup() { + return ( + + +
    + + I already have an account (go to login). + +     + ); +} + +// A layout component to center the content +export function Layout({ children }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ); +} +``` +     + + +```tsx title="src/pages/auth.tsx" +import { LoginForm, SignupForm } from 'wasp/client/auth' +import { Link } from 'react-router-dom' + +export function Login() { + return ( + + +
    + + Don't have an account yet? go to signup. + +     + ); +} + +export function Signup() { + return ( + + +
    + + I already have an account (go to login). + +     + ); +} + +// A layout component to center the content +export function Layout({ children }: { children: React.ReactNode }) { + return ( +
    +
    +
    +
    {children}
    +
    +
    +
    + ); +} +``` +     +     + +We imported the generated Auth UI components and used them in our pages. Read more about the Auth UI components [here](../auth/ui). + +### Conclusion + +That's it! We have set up username authentication in our app. πŸŽ‰ + +Running `wasp db migrate-dev` and then `wasp start` should give you a working app with username authentication. If you want to put some of the pages behind authentication, read the [auth overview docs](../auth/overview). + + + +## Customizing the Auth Flow + +The login and signup flows are pretty standard: they allow the user to sign up and then log in with their username and password. The signup flow validates the username and password and then creates a new user entity in the database. + +Read more about the default username and password validation rules in the [auth overview docs](../auth/overview#default-validations). + +If you require more control in your authentication flow, you can achieve that in the following ways: +1. Create your UI and use `signup` and `login` actions. +1. Create your custom sign-up action which uses the lower-level API, along with your custom code. + +### 1. Using the `signup` and `login` actions + +#### `login()` +An action for logging in the user. + +It takes two arguments: + + - `username: string` + + Username of the user logging in. + + - `password: string` + + Password of the user logging in. + +You can use it like this: + + + + +```jsx title="src/pages/auth.jsx" +import { login } from 'wasp/client/auth' + +import { useState } from 'react' +import { useHistory, Link } from 'react-router-dom' + +export function LoginPage() { + const [username, setUsername] = useState('') + const [password, setPassword] = useState('') + const [error, setError] = useState(null) + const history = useHistory() + + async function handleSubmit(event) { + event.preventDefault() + try { + await login(username, password) + history.push('/') + } catch (error) { + setError(error) + } + } + + return ( +
    + {/* ... */} +
    + ); +} +``` +     + + +```tsx title="src/pages/auth.tsx" +import { login } from 'wasp/client/auth' + +import { useState } from 'react' +import { useHistory, Link } from 'react-router-dom' + +export function LoginPage() { + const [username, setUsername] = useState('') + const [password, setPassword] = useState('') + const [error, setError] = useState(null) + const history = useHistory() + + async function handleSubmit(event: React.FormEvent) { + event.preventDefault() + try { + await login(username, password) + history.push('/') + } catch (error: unknown) { + setError(error as Error) + } + } + + return ( +
    + {/* ... */} +
    + ); +} +``` +     +     + +:::note +When using the exposed `login()` function, make sure to implement your redirect on success login logic (e.g. redirecting to home). +::: + +#### `signup()` +An action for signing up the user. This action does not log in the user, you still need to call `login()`. + +It takes one argument: +- `userFields: object` + + It has the following fields: + - `username: string` + + - `password: string` + + :::info + By default, Wasp will only save the `username` and `password` fields. If you want to add extra fields to your signup process, read about [defining extra signup fields](../auth/overview#customizing-the-signup-process). + ::: + +You can use it like this: + + + + +```jsx title="src/pages/auth.jsx" +import { signup, login } from 'wasp/client/auth' + +import { useState } from 'react' +import { useHistory } from 'react-router-dom' +import { Link } from 'react-router-dom' + +export function Signup() { + const [username, setUsername] = useState('') + const [password, setPassword] = useState('') + const [error, setError] = useState(null) + const history = useHistory() + + async function handleSubmit(event) { + event.preventDefault() + try { + await signup({ + username, + password, + }) + await login(username, password) + history.push("/") + } catch (error) { + setError(error) + } + } + + return ( +
    + {/* ... */} +
    + ); +} +``` +     + + +```tsx title="src/pages/auth.tsx" +import { signup, login } from 'wasp/client/auth' + +import { useState } from 'react' +import { useHistory } from 'react-router-dom' +import { Link } from 'react-router-dom' + +export function Signup() { + const [username, setUsername] = useState('') + const [password, setPassword] = useState('') + const [error, setError] = useState(null) + const history = useHistory() + + async function handleSubmit(event: React.FormEvent) { + event.preventDefault() + try { + await signup({ + username, + password, + }) + await login(username, password) + history.push("/") + } catch (error: unknown) { + setError(error as Error) + } + } + + return ( +
    + {/* ... */} +
    + ); +} +``` +     +     + +### 2. Creating your custom sign-up action + +The code of your custom sign-up action can look like this: + + + + +```wasp title="main.wasp" +// ... + +action customSignup { + fn: import { signup } from "@src/auth/signup.js", +} +``` + + +```js title="src/auth/signup.js" +import { + ensurePasswordIsPresent, + ensureValidPassword, + ensureValidUsername, + createProviderId, + sanitizeAndSerializeProviderData, + createUser, +} from 'wasp/server/auth' + +export const signup = async (args, _context) => { + ensureValidUsername(args) + ensurePasswordIsPresent(args) + ensureValidPassword(args) + + try { + const providerId = createProviderId('username', args.username) + const providerData = await sanitizeAndSerializeProviderData({ + hashedPassword: args.password, + }) + + await createUser( + providerId, + providerData, + // Any additional data you want to store on the User entity + {}, + ) + } catch (e) { + return { + success: false, + message: e.message, + } + } + + // Your custom code after sign-up. + // ... + + return { + success: true, + message: 'User created successfully', + } +} +``` + + + +```wasp title="main.wasp" +// ... + +action customSignup { + fn: import { signup } from "@src/auth/signup.js", +} +``` + +```ts title="src/auth/signup.ts" +import { + ensurePasswordIsPresent, + ensureValidPassword, + ensureValidUsername, + createProviderId, + sanitizeAndSerializeProviderData, + createUser, +} from 'wasp/server/auth' +import type { CustomSignup } from 'wasp/server/operations' + +type CustomSignupInput = { + username: string + password: string +} +type CustomSignupOutput = { + success: boolean + message: string +} + +export const signup: CustomSignup< + CustomSignupInput, + CustomSignupOutput +> = async (args, _context) => { + ensureValidUsername(args) + ensurePasswordIsPresent(args) + ensureValidPassword(args) + + try { + const providerId = createProviderId('username', args.username) + const providerData = await sanitizeAndSerializeProviderData<'username'>({ + hashedPassword: args.password, + }) + + await createUser( + providerId, + providerData, + // Any additional data you want to store on the User entity + {}, + ) + } catch (e) { + return { + success: false, + message: e.message, + } + } + + // Your custom code after sign-up. + // ... + + return { + success: true, + message: 'User created successfully', + } +} +``` + + + +We suggest using the built-in field validators for your authentication flow. You can import them from `wasp/server/auth`. These are the same validators that Wasp uses internally for the default authentication flow. + +#### Username + +- `ensureValidUsername(args)` + + Checks if the username is valid and throws an error if it's not. Read more about the validation rules [here](../auth/overview#default-validations). + +#### Password + +- `ensurePasswordIsPresent(args)` + + Checks if the password is present and throws an error if it's not. + +- `ensureValidPassword(args)` + + Checks if the password is valid and throws an error if it's not. Read more about the validation rules [here](../auth/overview#default-validations). + +## Using Auth + +To read more about how to set up the logout button and how to get access to the logged-in user in our client and server code, read the [auth overview docs](../auth/overview). + +### `getUsername` + +If you are looking to access the user's username in your code, you can do that by accessing the info about the user that is stored in the `user.auth.identities` array. + +To make things a bit easier for you, Wasp offers the `getUsername` helper. + + + +## API Reference + +### `userEntity` fields + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + usernameAndPassword: {}, + }, + onAuthFailedRedirectTo: "/login" + } +} + +entity User {=psl + id Int @id @default(autoincrement()) +psl=} +``` + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + usernameAndPassword: {}, + }, + onAuthFailedRedirectTo: "/login" + } +} + +entity User {=psl + id Int @id @default(autoincrement()) +psl=} +``` + + + + + +### Fields in the `usernameAndPassword` dict + + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + usernameAndPassword: { + userSignupFields: import { userSignupFields } from "@src/auth/email.js", + }, + }, + onAuthFailedRedirectTo: "/login" + } +} +// ... +``` + + + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + usernameAndPassword: { + userSignupFields: import { userSignupFields } from "@src/auth/email.js", + }, + }, + onAuthFailedRedirectTo: "/login" + } +} +// ... +``` + + + +#### `userSignupFields: ExtImport` + + +Read more about the `userSignupFields` function [here](./overview#1-defining-extra-fields). diff --git a/web/versioned_docs/version-0.13.11/contact.md b/web/versioned_docs/version-0.13.11/contact.md new file mode 100644 index 0000000000..5ddbedafbc --- /dev/null +++ b/web/versioned_docs/version-0.13.11/contact.md @@ -0,0 +1,5 @@ +--- +title: Contact +--- + +You can find us on [Discord](https://discord.gg/rzdnErX) or you can reach out to us via email at hi@wasp-lang.dev. diff --git a/web/versioned_docs/version-0.13.11/contributing.md b/web/versioned_docs/version-0.13.11/contributing.md new file mode 100644 index 0000000000..2325a17861 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/contributing.md @@ -0,0 +1,19 @@ +--- +title: Contributing +sidebar_label: Contributing +slug: /contributing +--- + +import DiscordLink from '@site/blog/components/DiscordLink'; + +Any way you want to contribute is a good way, and we'd be happy to meet you! A single entry point for all contributors is the [CONTRIBUTING.md](https://github.com/wasp-lang/wasp/blob/main/CONTRIBUTING.md) file in our Github repo. All the requirements and instructions are there, so please check [CONTRIBUTING.md](https://github.com/wasp-lang/wasp/blob/main/CONTRIBUTING.md) for more details. + +Some side notes to make your journey easier: + +1. Join us on and let's talk! We can discuss language design, new/existing features, and weather, or you can tell us how you feel about Wasp :). + +2. Wasp's compiler is built with Haskell. That means you'll need to be somewhat familiar with this language if you'd like to contribute to the compiler itself. But Haskell is just a part of Wasp, and you can contribute to lot of parts that require web dev skills, either by coding or by suggesting how to improve Wasp and its design as a web framework. If you don't have Haskell knowledge (or any dev experience at all) - no problem. There are a lot of JS-related tasks and documentation updates as well! + +3. If there's something you'd like to bring to our attention, go to [docs GitHub repo](https://github.com/wasp-lang/wasp) and make an issue/PR! + +Happy hacking! diff --git a/web/versioned_docs/version-0.13.11/data-model/backends.md b/web/versioned_docs/version-0.13.11/data-model/backends.md new file mode 100644 index 0000000000..d76a5bd42b --- /dev/null +++ b/web/versioned_docs/version-0.13.11/data-model/backends.md @@ -0,0 +1,486 @@ +--- +title: Databases +--- + +import { Required } from '@site/src/components/Tag' + +[Entities](../data-model/entities.md), [Operations](../data-model/operations/overview) and [Automatic CRUD](../data-model/crud.md) together make a high-level interface for working with your app's data. Still, all that data has to live somewhere, so let's see how Wasp deals with databases. + +## Supported Database Backends + +Wasp supports multiple database backends. We'll list and explain each one. + +### SQLite + +The default database Wasp uses is [SQLite](https://www.sqlite.org/index.html). + +SQLite is a great way for getting started with a new project because it doesn't require any configuration, but Wasp can only use it in development. Once you want to deploy your Wasp app to production, you'll need to switch to PostgreSQL and stick with it. + +Fortunately, migrating from SQLite to PostgreSQL is pretty simple, and we have [a guide](#migrating-from-sqlite-to-postgresql) to help you. + +### PostgreSQL + +[PostgreSQL](https://www.postgresql.org/) is the most advanced open-source database and one of the most popular databases overall. +It's been in active development for 20+ years. +Therefore, if you're looking for a battle-tested database, look no further. + +To use Wasp with PostgreSQL, you'll have to ensure a database instance is running during development. Wasp needs access to your database for commands such as `wasp start` or `wasp db migrate-dev` and expects to find a connection string in the `DATABASE_URL` environment variable. + +We cover all supported ways of connecting to a database in [the next section](#connecting-to-a-database). + +### Migrating from SQLite to PostgreSQL + +To run your Wasp app in production, you'll need to switch from SQLite to PostgreSQL. + +1. Set the `app.db.system` field to PostgreSQL. + +```wasp title=main.wasp +app MyApp { + title: "My app", + // ... + db: { + system: PostgreSQL, + // ... + } +} +``` + +2. Delete all the old migrations, since they are SQLite migrations and can't be used with PostgreSQL, as well as the SQLite database by running [`wasp clean`](https://wasp-lang.dev/docs/general/cli#project-commands): + +```bash +rm -r migrations/ +wasp clean +``` + +3. Ensure your new database is running (check the [section on connecting to a database](#connecting-to-a-database) to see how). Leave it running, since we need it for the next step. +4. In a different terminal, run `wasp db migrate-dev` to apply the changes and create a new initial migration. +5. That is it, you are all done! + +## Connecting to a Database + +Assuming you're not using SQLite, Wasp offers two ways of connecting your app to a database instance: + +1. A ready-made dev database that requires minimal setup and is great for quick prototyping. +2. A "real" database Wasp can connect to and use in production. + +### Using the Dev Database Provided by Wasp + +The command `wasp start db` will start a default PostgreSQL dev database for you. + +Your Wasp app will automatically connect to it, just keep `wasp start db` running in the background. +Also, make sure that: + +- You have [Docker installed](https://www.docker.com/get-started/) and in `PATH`. +- The port `5432` isn't taken. + +### Connecting to an existing database + +If you want to spin up your own dev database (or connect to an external one), you can tell Wasp about it using the `DATABASE_URL` environment variable. Wasp will use the value of `DATABASE_URL` as a connection string. + +The easiest way to set the necessary `DATABASE_URL` environment variable is by adding it to the [.env.server](../project/env-vars) file in the root dir of your Wasp project (if that file doesn't yet exist, create it). + +Alternatively, you can set it inline when running `wasp` (this applies to all environment variables): + +```bash +DATABASE_URL= wasp ... +``` + +This trick is useful for running a certain `wasp` command on a specific database. +For example, you could do: + +```bash +DATABASE_URL= wasp db seed myProductionSeed +``` + +This command seeds the data for a fresh staging or production database. +To more precisely understand how seeding works, keep reading. + +## Seeding the Database + +**Database seeding** is a term used for populating the database with some initial data. + +Seeding is most commonly used for two following scenarios: + +1. To put the development database into a state convenient for working and testing. +2. To initialize any database (`dev`, `staging`, or `prod`) with essential data it requires to operate. + For example, populating the Currency table with default currencies, or the Country table with all available countries. + +### Writing a Seed Function + +You can define as many **seed functions** as you want in an array under the `app.db.seeds` field: + + + + +```wasp title=main.wasp +app MyApp { + // ... + db: { + // ... + seeds: [ + import { devSeedSimple } from "@src/dbSeeds.js", + import { prodSeed } from "@src/dbSeeds.js" + ] + } +} +``` + + + + +```wasp title=main.wasp +app MyApp { + // ... + db: { + // ... + seeds: [ + import { devSeedSimple } from "@src/dbSeeds.js", + import { prodSeed } from "@src/dbSeeds.js" + ] + } +} +``` + + + + +Each seed function must be an async function that takes one argument, `prisma`, which is a [Prisma Client](https://www.prisma.io/docs/concepts/components/prisma-client/crud) instance used to interact with the database. +This is the same Prisma Client instance that Wasp uses internally and thus includes all of the usual features (e.g., password hashing). + +Since a seed function falls under server-side code, it can import other server-side functions. This is convenient because you might want to seed the database using Actions. + +Here's an example of a seed function that imports an Action: + + + + +```js +import { createTask } from './actions.js' +import { sanitizeAndSerializeProviderData } from 'wasp/server/auth' + +export const devSeedSimple = async (prisma) => { + const user = await createUser(prisma, { + username: 'RiuTheDog', + password: 'bark1234', + }) + + await createTask( + { description: 'Chase the cat' }, + { user, entities: { Task: prisma.task } } + ) +} + +async function createUser(prisma, data) { + const newUser = await prisma.user.create({ + data: { + auth: { + create: { + identities: { + create: { + providerName: 'username', + providerUserId: data.username, + providerData: sanitizeAndSerializeProviderData({ + hashedPassword: data.password + }), + }, + }, + }, + }, + }, + }) + + return newUser +} +``` + + + + +```ts +import { createTask } from './actions.js' +import { sanitizeAndSerializeProviderData } from 'wasp/server/auth' +import { type AuthUser } from 'wasp/auth' +import { PrismaClient } from '@prisma/client' + +export const devSeedSimple = async (prisma: PrismaClient) => { + const user = await createUser(prisma, { + username: 'RiuTheDog', + password: 'bark1234', + }) + + await createTask( + { description: 'Chase the cat', isDone: false }, + { user, entities: { Task: prisma.task } } + ) +}; + +async function createUser( + prisma: PrismaClient, + data: { username: string, password: string } +): Promise { + const newUser = await prisma.user.create({ + data: { + auth: { + create: { + identities: { + create: { + providerName: 'username', + providerUserId: data.username, + providerData: sanitizeAndSerializeProviderData<'username'>({ + hashedPassword: data.password + }), + }, + }, + }, + }, + }, + }) + + return newUser +} +``` + + + + +### Running seed functions + +Run the command `wasp db seed` and Wasp will ask you which seed function you'd like to run (if you've defined more than one). + +Alternatively, run the command `wasp db seed ` to choose a specific seed function right away, for example: + +``` +wasp db seed devSeedSimple +``` + +Check the [API Reference](#cli-commands-for-seeding-the-database) for more details on these commands. + +:::tip +You'll often want to call `wasp db seed` right after you run `wasp db reset`, as it makes sense to fill the database with initial data after clearing it. +::: + +## Prisma Configuration + +Wasp uses [Prisma](https://www.prisma.io/) to interact with the database. Prisma is a "Next-generation Node.js and TypeScript ORM" that provides a type-safe API for working with your database. + +### Prisma Preview Features + +Prisma is still in active development and some of its features are not yet stable. To use them, you have to enable them in the `app.db.prisma.clientPreviewFeatures` field: + +```wasp title="main.wasp" +app MyApp { + // ... + db: { + system: PostgreSQL, + prisma: { + clientPreviewFeatures: ["postgresqlExtensions"] + } + } +} +``` + + + +Read more about Prisma preview features in the [Prisma docs](https://www.prisma.io/docs/concepts/components/preview-features/client-preview-features). + + +### PostgreSQL Extensions + +PostgreSQL supports [extensions](https://www.postgresql.org/docs/current/contrib.html) that add additional functionality to the database. For example, the [hstore](https://www.postgresql.org/docs/13/hstore.html) extension adds support for storing key-value pairs in a single column. + +To use PostgreSQL extensions with Prisma, you have to enable them in the `app.db.prisma.dbExtensions` field: + +```wasp title="main.wasp" +app MyApp { + // ... + db: { + system: PostgreSQL, + prisma: { + clientPreviewFeatures: ["postgresqlExtensions"] + dbExtensions: [ + { name: "hstore", schema: "myHstoreSchema" }, + { name: "pg_trgm" }, + { name: "postgis", version: "2.1" }, + ] + } + } +} +``` + + + +Read more about PostgreSQL configuration in Wasp in the [API Reference](#the-appdb-field). + + +## API Reference + +You can tell Wasp which database to use in the `app` declaration's `db` field: + +### The `app.db` Field + +Here's an example that uses the `app.db` field to its full potential: + + + + +```wasp title=main.wasp +app MyApp { + title: "My app", + // ... + db: { + system: PostgreSQL, + seeds: [ + import devSeed from "@src/dbSeeds.js" + ], + prisma: { + clientPreviewFeatures: ["extendedWhereUnique"] + } + } +} +``` + + + + +```wasp title=main.wasp +app MyApp { + title: "My app", + // ... + db: { + system: PostgreSQL, + seeds: [ + import devSeed from "@src/dbSeeds.js" + ], + prisma: { + clientPreviewFeatures: ["extendedWhereUnique"] + } + } +} +``` + + + + +`app.db` is a dictionary with the following fields (all fields are optional): + +- `system: DbSystem` + + The database system Wasp should use. It can be either PostgreSQL or SQLite. + The default value for the field is SQLite (this default value also applies if the entire `db` field is left unset). + Whenever you modify the `db.system` field, make sure to run `wasp db migrate-dev` to apply the changes. + +- `seeds: [ExtImport]` + + Defines the seed functions you can use with the `wasp db seed` command to seed your database with initial data. + Read the [Seeding section](#seeding-the-database) for more details. + +- `prisma: PrismaOptions` + + Additional configuration for Prisma. + + ```wasp title="main.wasp" + app MyApp { + // ... + db: { + // ... + prisma: { + clientPreviewFeatures: ["postgresqlExtensions"], + dbExtensions: [ + { name: "hstore", schema: "myHstoreSchema" }, + { name: "pg_trgm" }, + { name: "postgis", version: "2.1" }, + ] + } + } + } + ``` + + It's a dictionary with the following fields: + + - `clientPreviewFeatures : [string]` + + Allows you to define [Prisma client preview features](https://www.prisma.io/docs/concepts/components/preview-features/client-preview-features), like for example, `"postgresqlExtensions"`. + + - `dbExtensions: DbExtension[]` + + It allows you to define PostgreSQL extensions that should be enabled for your database. Read more about [PostgreSQL extensions in Prisma](https://www.prisma.io/docs/concepts/components/prisma-schema/postgresql-extensions). + + For each extension you define a dict with the following fields: + + - `name: string` + + The name of the extension you would normally put in the Prisma file. + + ```prisma title="schema.prisma" + extensions = [hstore(schema: "myHstoreSchema"), pg_trgm, postgis(version: "2.1")] + // πŸ‘† Extension name + ``` + + - `map: string` + + It sets the `map` argument of the extension. Explanation for the field from the Prisma docs: + > This is the database name of the extension. If this argument is not specified, the name of the extension in the Prisma schema must match the database name. + + - `schema: string` + + It sets the `schema` argument of the extension. Explanation for the field from the Prisma docs: + > This is the name of the schema in which to activate the extension's objects. If this argument is not specified, the current default object creation schema is used. + + - `version: string` + + It sets the `version` argument of the extension. Explanation for the field from the Prisma docs: + > This is the version of the extension to activate. If this argument is not specified, the value given in the extension's control file is used. + +### CLI Commands for Seeding the Database + +Use one of the following commands to run the seed functions: + +- `wasp db seed` + + If you've only defined a single seed function, this command runs it. If you've defined multiple seed functions, it asks you to choose one interactively. + +- `wasp db seed ` + + This command runs the seed function with the specified name. The name is the identifier used in its `import` expression in the `app.db.seeds` list. + For example, to run the seed function `devSeedSimple` which was defined like this: + + + + + ```wasp title=main.wasp + app MyApp { + // ... + db: { + // ... + seeds: [ + // ... + import { devSeedSimple } from "@src/dbSeeds.js", + ] + } + } + ``` + + + + + ```wasp title=main.wasp + app MyApp { + // ... + db: { + // ... + seeds: [ + // ... + import { devSeedSimple } from "@src/dbSeeds.js", + ] + } + } + ``` + + + + + Use the following command: + + ``` + wasp db seed devSeedSimple + ``` diff --git a/web/versioned_docs/version-0.13.11/data-model/crud.md b/web/versioned_docs/version-0.13.11/data-model/crud.md new file mode 100644 index 0000000000..7622b15edc --- /dev/null +++ b/web/versioned_docs/version-0.13.11/data-model/crud.md @@ -0,0 +1,745 @@ +--- +title: Automatic CRUD +--- + +import { Required } from '@site/src/components/Tag'; +import { ShowForTs } from '@site/src/components/TsJsHelpers'; +import ImgWithCaption from '@site/blog/components/ImgWithCaption' + +If you have a lot of experience writing full-stack apps, you probably ended up doing some of the same things many times: listing data, adding data, editing it, and deleting it. + +Wasp makes handling these boring bits easy by offering a higher-level concept called Automatic CRUD. + +With a single declaration, you can tell Wasp to automatically generate server-side logic (i.e., Queries and Actions) for creating, reading, updating and deleting [Entities](../data-model/entities). As you update definitions for your Entities, Wasp automatically regenerates the backend logic. + +:::caution Early preview +This feature is currently in early preview and we are actively working on it. Read more about [our plans](#future-of-crud-operations-in-wasp) for CRUD operations. +::: + +## Overview + +Imagine we have a `Task` entity and we want to enable CRUD operations for it. + +```wasp title="main.wasp" +entity Task {=psl + id Int @id @default(autoincrement()) + description String + isDone Boolean +psl=} +``` + +We can then define a new `crud` called `Tasks`. + +We specify to use the `Task` entity and we enable the `getAll`, `get`, `create` and `update` operations (let's say we don't need the `delete` operation). + +```wasp title="main.wasp" +crud Tasks { + entity: Task, + operations: { + getAll: { + isPublic: true, // by default only logged in users can perform operations + }, + get: {}, + create: { + overrideFn: import { createTask } from "@src/tasks.js", + }, + update: {}, + }, +} +``` + +1. It uses default implementation for `getAll`, `get`, and `update`, +2. ... while specifying a custom implementation for `create`. +3. `getAll` will be public (no auth needed), while the rest of the operations will be private. + +Here's what it looks like when visualized: + + + +We can now use the CRUD queries and actions we just specified in our client code. + +Keep reading for an example of Automatic CRUD in action, or skip ahead for the [API Reference](#api-reference) + +## Example: A Simple TODO App + +Let's create a full-app example that uses automatic CRUD. We'll stick to using the `Task` entity from the previous example, but we'll add a `User` entity and enable [username and password](../auth/username-and-pass) based auth. + + + +### Creating the App + +We can start by running `wasp new tasksCrudApp` and then adding the following to the `main.wasp` file: + +```wasp title="main.wasp" +app tasksCrudApp { + wasp: { + version: "^0.13.0" + }, + title: "Tasks Crud App", + + // We enabled auth and set the auth method to username and password + auth: { + userEntity: User, + methods: { + usernameAndPassword: {}, + }, + onAuthFailedRedirectTo: "/login", + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + tasks Task[] +psl=} + +// We defined a Task entity on which we'll enable CRUD later on +entity Task {=psl + id Int @id @default(autoincrement()) + description String + isDone Boolean + userId Int + user User @relation(fields: [userId], references: [id]) +psl=} + +// Tasks app routes +route RootRoute { path: "/", to: MainPage } +page MainPage { + component: import { MainPage } from "@src/MainPage.jsx", + authRequired: true, +} + +route LoginRoute { path: "/login", to: LoginPage } +page LoginPage { + component: import { LoginPage } from "@src/LoginPage.jsx", +} + +route SignupRoute { path: "/signup", to: SignupPage } +page SignupPage { + component: import { SignupPage } from "@src/SignupPage.jsx", +} +``` + +We can then run `wasp db migrate-dev` to create the database and run the migrations. + +### Adding CRUD to the `Task` Entity ✨ + +Let's add the following `crud` declaration to our `main.wasp` file: + +```wasp title="main.wasp" +// ... + +crud Tasks { + entity: Task, + operations: { + getAll: {}, + create: { + overrideFn: import { createTask } from "@src/tasks.js", + }, + }, +} +``` + +You'll notice that we enabled only `getAll` and `create` operations. This means that only these operations will be available. + +We also overrode the `create` operation with a custom implementation. This means that the `create` operation will not be generated, but instead, the `createTask` function from `@src/tasks.js` will be used. + +### Our Custom `create` Operation + +Here's the `src/tasks.{js,ts}` file: + + + + +```js title=src/tasks.js +import { HttpError } from 'wasp/server' + +export const createTask = async (args, context) => { + if (!context.user) { + throw new HttpError(401, 'User not authenticated.') + } + + const { description, isDone } = args + const { Task } = context.entities + + return await Task.create({ + data: { + description, + isDone, + // highlight-start + // Connect the task to the user that is creating it + user: { + connect: { + id: context.user.id, + }, + }, + // highlight-end + }, + }) +} +``` + + + + +```ts title=src/tasks.ts +import { type Tasks } from 'wasp/server/crud' +import { type Task } from 'wasp/entities' +import { HttpError } from 'wasp/server' + +type CreateTaskInput = { description: string; isDone: boolean } + +export const createTask: Tasks.CreateAction = async ( + args, + context +) => { + if (!context.user) { + throw new HttpError(401, 'User not authenticated.') + } + + const { description, isDone } = args + const { Task } = context.entities + + return await Task.create({ + data: { + description, + isDone, + // highlight-start + // Connect the task to the user that is creating it + user: { + connect: { + id: context.user.id, + }, + }, + // highlight-end + }, + }) +} +``` + + + + +We made a custom `create` operation because we want to make sure that the task is connected to the user that is creating it. +Automatic CRUD doesn't support this by default (yet!). +Read more about the default implementations [here](#declaring-a-crud-with-default-options). + +### Using the Generated CRUD Operations on the Client + +And let's use the generated operations in our client code: + + + + +```jsx title="src/MainPage.jsx" +// highlight-next-line +import { Tasks } from 'wasp/client/crud' +import { useState } from 'react' + +export const MainPage = () => { + // highlight-next-line + const { data: tasks, isLoading, error } = Tasks.getAll.useQuery() + // highlight-next-line + const createTask = Tasks.create.useAction() + const [taskDescription, setTaskDescription] = useState('') + + function handleCreateTask() { + createTask({ description: taskDescription, isDone: false }) + setTaskDescription('') + } + + if (isLoading) return
    Loading...
    + if (error) return
    Error: {error.message}
    + return ( +
    +
    + setTaskDescription(e.target.value)} + /> + +
    +
      + {tasks.map((task) => ( +
    • {task.description}
      • + ))} +
    +
    + ) +} +``` + +     + + +```tsx title="src/MainPage.tsx" +// highlight-next-line +import { Tasks } from 'wasp/client/crud' +import { useState } from 'react' + +export const MainPage = () => { + // highlight-next-line + // Thanks to full-stack type safety, all payload types are inferred + // highlight-next-line + // automatically + // highlight-next-line + const { data: tasks, isLoading, error } = Tasks.getAll.useQuery() + // highlight-next-line + const createTask = Tasks.create.useAction() + const [taskDescription, setTaskDescription] = useState('') + + function handleCreateTask() { + createTask({ description: taskDescription, isDone: false }) + setTaskDescription('') + } + + if (isLoading) return
    Loading...
    + if (error) return
    Error: {error.message}
    + return ( +
    +
    + setTaskDescription(e.target.value)} + /> + +
    +
      + {tasks.map((task) => ( +
    • {task.description}
      • + ))} +
    +
    + ) +} +``` + +     +     + +And here are the login and signup pages, where we are using Wasp's [Auth UI](../auth/ui) components: + + + + +```jsx title="src/LoginPage.jsx" +import { LoginForm } from 'wasp/client/auth' +import { Link } from 'react-router-dom' + +export function LoginPage() { + return ( +
    + +
    + Create an account +
    +
    + ) +} +``` + +     + + +```tsx title="src/LoginPage.tsx" +import { LoginForm } from 'wasp/client/auth' +import { Link } from 'react-router-dom' + +export function LoginPage() { + return ( +
    + +
    + Create an account +
    +
    + ) +} +``` + +     +     + + + + +```jsx title="src/SignupPage.jsx" +import { SignupForm } from 'wasp/client/auth' + +export function SignupPage() { + return ( +
    + +
    + ) +} +``` + +     + + +```tsx title="src/SignupPage.tsx" +import { SignupForm } from 'wasp/client/auth' + +export function SignupPage() { + return ( +
    + +
    + ) +} +``` + +     +     + +That's it. You can now run `wasp start` and see the app in action. ⚑️ + +You should see a login page and a signup page. After you log in, you should see a page with a list of tasks and a form to create new tasks. + +## Future of CRUD Operations in Wasp + +CRUD operations currently have a limited set of knowledge about the business logic they are implementing. + +- For example, they don't know that a task should be connected to the user that is creating it. This is why we had to override the `create` operation in the example above. +- Another thing: they are not aware of the authorization rules. For example, they don't know that a user should not be able to create a task for another user. In the future, we will be adding role-based authorization to Wasp, and we plan to make CRUD operations aware of the authorization rules. +- Another issue is input validation and sanitization. For example, we might want to make sure that the task description is not empty. + +CRUD operations are a mechanism for getting a backend up and running quickly, but it depends on the information it can get from the Wasp app. The more information that it can pick up from your app, the more powerful it will be out of the box. + +We plan on supporting CRUD operations and growing them to become the easiest way to create your backend. Follow along on [this GitHub issue](https://github.com/wasp-lang/wasp/issues/1253) to see how we are doing. + +## API Reference + +CRUD declaration work on top of existing entity declaration. We'll fully explore the API using two examples: + +1. A basic CRUD declaration that relies on default options. +2. A more involved CRUD declaration that uses extra options and overrides. + +### Declaring a CRUD With Default Options + +If we create CRUD operations for an entity named `Task`, like this: + + + + +```wasp title="main.wasp" +crud Tasks { // crud name here is "Tasks" + entity: Task, + operations: { + get: {}, + getAll: {}, + create: {}, + update: {}, + delete: {}, + }, +} +``` + +Wasp will give you the following default implementations: + +**get** - returns one entity based on the `id` field + +```js +// ... +// Wasp uses the field marked with `@id` in Prisma schema as the id field. +return Task.findUnique({ where: { id: args.id } }) +``` + +**getAll** - returns all entities + +```js +// ... + +// If the operation is not public, Wasp checks if an authenticated user +// is making the request. + +return Task.findMany() +``` + +**create** - creates a new entity + +```js +// ... +return Task.create({ data: args.data }) +``` + +**update** - updates an existing entity + +```js +// ... +// Wasp uses the field marked with `@id` in Prisma schema as the id field. +return Task.update({ where: { id: args.id }, data: args.data }) +``` + +**delete** - deletes an existing entity + +```js +// ... +// Wasp uses the field marked with `@id` in Prisma schema as the id field. +return Task.delete({ where: { id: args.id } }) +``` + + + + +```wasp title="main.wasp" +crud Tasks { // crud name here is "Tasks" + entity: Task, + operations: { + get: {}, + getAll: {}, + create: {}, + update: {}, + delete: {}, + }, +} +``` + +Wasp will give you the following default implementations: + +**get** - returns one entity based on the `id` field + +```ts +// ... +// Wasp uses the field marked with `@id` in Prisma schema as the id field. +return Task.findUnique({ where: { id: args.id } }) +``` + +**getAll** - returns all entities + +```ts +// ... + +// If the operation is not public, Wasp checks if an authenticated user +// is making the request. + +return Task.findMany() +``` + +**create** - creates a new entity + +```ts +// ... +return Task.create({ data: args.data }) +``` + +**update** - updates an existing entity + +```ts +// ... +// Wasp uses the field marked with `@id` in Prisma schema as the id field. +return Task.update({ where: { id: args.id }, data: args.data }) +``` + +**delete** - deletes an existing entity + +```ts +// ... +// Wasp uses the field marked with `@id` in Prisma schema as the id field. +return Task.delete({ where: { id: args.id } }) +``` + + + + +:::info Current Limitations +In the default `create` and `update` implementations, we are saving all of the data that the client sends to the server. This is not always desirable, i.e. in the case when the client should not be able to modify all of the data in the entity. + +[In the future](#future-of-crud-operations-in-wasp), we are planning to add validation of action input, where only the data that the user is allowed to change will be saved. + +For now, the solution is to provide an override function. You can override the default implementation by using the `overrideFn` option and implementing the validation logic yourself. + +::: + +### Declaring a CRUD With All Available Options + +Here's an example of a more complex CRUD declaration: + + + + +```wasp title="main.wasp" +crud Tasks { // crud name here is "Tasks" + entity: Task, + operations: { + getAll: { + isPublic: true, // optional, defaults to false + }, + get: {}, + create: { + overrideFn: import { createTask } from "@src/tasks.js", // optional + }, + update: {}, + }, +} +``` + + + + +```wasp title="main.wasp" +crud Tasks { // crud name here is "Tasks" + entity: Task, + operations: { + getAll: { + isPublic: true, // optional, defaults to false + }, + get: {}, + create: { + overrideFn: import { createTask } from "@src/tasks.js", // optional + }, + update: {}, + }, +} +``` + + + + +The CRUD declaration features the following fields: + +- `entity: Entity` + + The entity to which the CRUD operations will be applied. + +- `operations: { [operationName]: CrudOperationOptions }` + + The operations to be generated. The key is the name of the operation, and the value is the operation configuration. + + - The possible values for `operationName` are: + - `getAll` + - `get` + - `create` + - `update` + - `delete` + - `CrudOperationOptions` can have the following fields: + - `isPublic: bool` - Whether the operation is public or not. If it is public, no auth is required to access it. If it is not public, it will be available only to authenticated users. Defaults to `false`. + - `overrideFn: ExtImport` - The import statement of the optional override implementation in Node.js. + +#### Defining the overrides + +Like with actions and queries, you can define the implementation in a Javascript/Typescript file. The overrides are functions that take the following arguments: + +- `args` + + The arguments of the operation i.e. the data sent from the client. + +- `context` + + Context contains the `user` making the request and the `entities` object with the entity that's being operated on. + + + +You can also import types for each of the functions you want to override by importing the `{crud name}` from `wasp/server/crud`. The available types are: + +- `{crud name}.GetAllQuery` +- `{crud name}.GetQuery` +- `{crud name}.CreateAction` +- `{crud name}.UpdateAction` +- `{crud name}.DeleteAction` + +If you have a CRUD named `Tasks`, you would import the types like this: + +```ts +import { type Tasks } from 'wasp/server/crud' + +// Each of the types is a generic type, so you can use it like this: +export const getAllOverride: Tasks.GetAllQuery = async ( + args, + context +) => { + // ... +} +``` + + + +For a usage example, check the [example guide](../data-model/crud#adding-crud-to-the-task-entity-). + +#### Using the CRUD operations in client code + +On the client, you import the CRUD operations from `wasp/client/crud` by import the `{crud name}` object. For example, if you have a CRUD called `Tasks`, you would import the operations like this: + + + + +```jsx title="SomePage.jsx" +import { Tasks } from 'wasp/client/crud' +``` + + + + +```tsx title="SomePage.tsx" +import { Tasks } from 'wasp/client/crud' +``` + + + + +You can then access the operations like this: + + + + +```jsx title="SomePage.jsx" +const { data } = Tasks.getAll.useQuery() +const { data } = Tasks.get.useQuery({ id: 1 }) +const createAction = Tasks.create.useAction() +const updateAction = Tasks.update.useAction() +const deleteAction = Tasks.delete.useAction() +``` + + + + +```tsx title="SomePage.tsx" +const { data } = Tasks.getAll.useQuery() +const { data } = Tasks.get.useQuery({ id: 1 }) +const createAction = Tasks.create.useAction() +const updateAction = Tasks.update.useAction() +const deleteAction = Tasks.delete.useAction() +``` + + + + +All CRUD operations are implemented with [Queries and Actions](../data-model/operations/overview) under the hood, which means they come with all the features you'd expect (e.g., automatic SuperJSON serialization, full-stack type safety when using TypeScript) + +--- + +Join our **community** on [Discord](https://discord.com/invite/rzdnErX), where we chat about full-stack web stuff. Join us to see what we are up to, share your opinions or get help with CRUD operations. diff --git a/web/versioned_docs/version-0.13.11/data-model/entities.md b/web/versioned_docs/version-0.13.11/data-model/entities.md new file mode 100644 index 0000000000..7b363bcbb0 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/data-model/entities.md @@ -0,0 +1,105 @@ +--- +title: Entities +--- + +Entities are the foundation of your app's data model. In short, an Entity defines a model in your database. + +Wasp uses the excellent [Prisma ORM](https://www.prisma.io/) to implement all database functionality and occasionally enhances it with a thin abstraction layer. +Wasp Entities directly correspond to [Prisma's data model](https://www.prisma.io/docs/concepts/components/prisma-schema/data-model). Still, you don't need to be familiar with Prisma to effectively use Wasp, as it comes with a simple API wrapper for working with Prisma's core features. + +The only requirement for defining Wasp Entities is familiarity with the **_Prisma Schema Language (PSL)_**, a simple definition language explicitly created for defining models in Prisma. +The language is declarative and very intuitive. We'll also go through an example later in the text, so there's no need to go and thoroughly learn it right away. Still, if you're curious, look no further than Prisma's official documentation: + +- [Basic intro and examples](https://www.prisma.io/docs/reference/tools-and-interfaces/prisma-schema) +- [A more exhaustive language specification](https://www.prisma.io/docs/reference/api-reference/prisma-schema-reference) + +## Defining an Entity + +As mentioned, an `entity` declaration represents a database model. + +Each `Entity` declaration corresponds 1-to-1 to [Prisma's data model](https://www.prisma.io/docs/concepts/components/prisma-schema/data-model). Here's how you could define an Entity that represents a Task: + + + + +```wasp +entity Task {=psl + id Int @id @default(autoincrement()) + description String + isDone Boolean @default(false) +psl=} +``` + + + + +```wasp +entity Task {=psl + id Int @id @default(autoincrement()) + description String + isDone Boolean @default(false) +psl=} +``` + + + + +Let's go through this declaration in detail: + +- `entity Task` - This tells Wasp that we wish to define an Entity (i.e., database model) called `Task`. Wasp automatically creates a table called `tasks`. +- `{=psl ... psl=}` - Wasp treats everything that comes between the two `psl` tags as [PSL (Prisma Schema Language)](https://www.prisma.io/docs/reference/tools-and-interfaces/prisma-schema). + +The above PSL definition tells Wasp to create a table for storing Tasks where each task has three fields (i.e., the `tasks` table has three columns): + +- `id` - An integer value serving as a primary key. The database automatically generates it by incrementing the previously generated `id`. +- `description` - A string value for storing the task's description. +- `isDone` - A boolean value indicating the task's completion status. If you don't set it when creating a new task, the database sets it to `false` by default. + +### Working with Entities + +Let's see how you can define and work with Wasp Entities: + +1. Create/update some Entities in your `.wasp` file. +2. Run `wasp db migrate-dev`. This command syncs the database model with the Entity definitions in your `.wasp` file. It does this by creating migration scripts. +3. Migration scripts are automatically placed in the `migrations/` folder. Make sure to commit this folder into version control. +4. Use Wasp's JavasScript API to work with the database when implementing Operations (we'll cover this in detail when we talk about [operations](../data-model/operations/overview)). + +#### Using Entities in Operations + +Most of the time, you will be working with Entities within the context of [Operations (Queries & Actions)](../data-model/operations/overview). We'll see how that's done on the next page. + +#### Using Entities directly + +If you need more control, you can directly interact with Entities by importing and using the [Prisma Client](https://www.prisma.io/docs/concepts/components/prisma-client/crud). We recommend sticking with conventional Wasp-provided mechanisms, only resorting to directly using the Prisma client only if you need a feature Wasp doesn't provide. + +You can only use the Prisma Client in your Wasp server code. You can import it like this: + + + +```js +import { prisma } from 'wasp/server' + +prisma.task.create({ + description: "Read the Entities doc", + isDone: true // almost :) +}) +``` + + + + +```ts +import { prisma } from 'wasp/server' + +prisma.task.create({ + description: "Read the Entities doc", + isDone: true // almost :) +}) +``` + + + + +### Next steps + +Now that we've seen how to define Entities that represent Wasp's core data model, we'll see how to make the most of them in other parts of Wasp. Keep reading to learn all about Wasp Operations! diff --git a/web/versioned_docs/version-0.13.11/data-model/operations/_superjson-note.md b/web/versioned_docs/version-0.13.11/data-model/operations/_superjson-note.md new file mode 100644 index 0000000000..9890d512c2 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/data-model/operations/_superjson-note.md @@ -0,0 +1,14 @@ +import { ShowForTs } from '@site/src/components/TsJsHelpers'; + +:::tip +Wasp uses [superjson](https://github.com/blitz-js/superjson) under the hood. +This means you're not limited to only sending and receiving JSON payloads. + +You can send and receive any superjson-compatible payload (like Dates, Sets, Lists, circular references, etc.) and let Wasp handle the (de)serialization. + + + +As long as you're annotating your Queries with the correct automatically generated types, TypeScript ensures your payloads are valid (i.e., Wasp knows how to serialize and deserialize them). + + +::: diff --git a/web/versioned_docs/version-0.13.11/data-model/operations/actions.md b/web/versioned_docs/version-0.13.11/data-model/operations/actions.md new file mode 100644 index 0000000000..365eb32ed4 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/data-model/operations/actions.md @@ -0,0 +1,833 @@ +--- +title: Actions +--- + +import { Required } from '@site/src/components/Tag'; +import { ShowForTs } from '@site/src/components/TsJsHelpers'; +import SuperjsonNote from './\_superjson-note.md'; + +We'll explain what Actions are and how to use them. If you're looking for a detailed API specification, skip ahead to the [API Reference](#api-reference). + +Actions are quite similar to [Queries](../../data-model/operations/queries.md), but with a key distinction: Actions are designed to modify and add data, while Queries are solely for reading data. Examples of Actions include adding a comment to a blog post, liking a video, or updating a product's price. + +Actions and Queries work together to keep data caches up-to-date. + +:::tip +Actions are almost identical to Queries in terms of their API. +Therefore, if you're already familiar with Queries, you might find reading the entire guide repetitive. + +We instead recommend skipping ahead and only reading [the differences between Queries and Actions](#differences-between-queries-and-actions), and consulting the [API Reference](#api-reference) as needed. +::: + +## Working with Actions + +Actions are declared in Wasp and implemented in NodeJS. Wasp runs Actions within the server's context, but it also generates code that allows you to call them from anywhere in your code (either client or server) using the same interface. + +This means you don't have to worry about building an HTTP API for the Action, managing server-side request handling, or even dealing with client-side response handling and caching. +Instead, just focus on developing the business logic inside your Action, and let Wasp handle the rest! + +To create an Action, you need to: + +1. Declare the Action in Wasp using the `action` declaration. +2. Implement the Action's NodeJS functionality. + +Once these two steps are completed, you can use the Action from anywhere in your code. + +### Declaring Actions + +To create an Action in Wasp, we begin with an `action` declaration. Let's declare two Actions - one for creating a task, and another for marking tasks as done: + + + + +```wasp title="main.wasp" +// ... + +action createTask { + fn: import { createTask } from "@src/actions.js" +} + +action markTaskAsDone { + fn: import { markTaskAsDone } from "@src/actions.js" +} + +``` + + + + +```wasp title="main.wasp" +// ... + +action createTask { + fn: import { createTask } from "@src/actions.js" +} + +action markTaskAsDone { + fn: import { markTaskAsDone } from "@src/actions.js" +} +``` + + + + + + +If you want to know about all supported options for the `action` declaration, take a look at the [API Reference](#api-reference). + + + +The names of Wasp Actions and their implementations don't necessarily have to match. However, to avoid confusion, we'll keep them the same. + + + +After declaring a Wasp Action, two important things happen: + +- Wasp **generates a server-side NodeJS function** that shares its name with the Action. + +- Wasp **generates a client-side JavaScript function** that shares its name with the Action (e.g., `markTaskAsDone`). + This function takes a single optional argument - an object containing any serializable data you wish to use inside the Action. + Wasp will send this object over the network and pass it into the Action's implementation as its first positional argument (more on this when we look at the implementations). + Such an abstraction works thanks to an HTTP API route handler Wasp generates on the server, which calls the Action's NodeJS implementation under the hood. + +Generating these two functions ensures a uniform calling interface across the entire app (both client and server). + +### Implementing Actions in Node + +Now that we've declared the Action, what remains is to implement it. We've instructed Wasp to look for the Actions' implementations in the file `src/actions.{js,ts}`, so that's where we should export them from. + +Here's how you might implement the previously declared Actions `createTask` and `markTaskAsDone`: + + + + +```js title="src/actions.js" +// our "database" +let nextId = 4 +const tasks = [ + { id: 1, description: 'Buy some eggs', isDone: true }, + { id: 2, description: 'Make an omelette', isDone: false }, + { id: 3, description: 'Eat breakfast', isDone: false }, +] + +// You don't need to use the arguments if you don't need them +export const createTask = (args) => { + const newTask = { + id: nextId, + isDone: false, + description: args.description, + } + nextId += 1 + tasks.push(newTask) + return newTask +} + +// The 'args' object is something sent by the caller (most often from the client) +export const markTaskAsDone = (args) => { + const task = tasks.find((task) => task.id === args.id) + if (!task) { + // We'll show how to properly handle such errors later + return + } + task.isDone = true +} +``` + + + + + + +```ts title="src/actions.ts" +import { type CreateTask, type MarkTaskAsDone } from 'wasp/server/operations' + +type Task = { + id: number + description: string + isDone: boolean +} + +// our "database" +let nextId = 4 +const tasks = [ + { id: 1, description: 'Buy some eggs', isDone: true }, + { id: 2, description: 'Make an omelette', isDone: false }, + { id: 3, description: 'Eat breakfast', isDone: false }, +] + +// You don't need to use the arguments if you don't need them +export const createTask: CreateTask, Task> = ( + args +) => { + const newTask = { + id: nextId, + isDone: false, + description: args.description, + } + nextId += 1 + tasks.push(newTask) + return newTask +} + +// The 'args' object is something sent by the caller (most often from the client) +export const markTaskAsDone: MarkTaskAsDone, void> = ( + args +) => { + const task = tasks.find((task) => task.id === args.id) + if (!task) { + // We'll show how to properly handle such errors later + return + } + task.isDone = true +} +``` + +Wasp automatically generates the types `CreateTask` and `MarkTaskAsDone` based on the declarations in your Wasp file: + +- `CreateTask` is a generic type that Wasp automatically generated based on the Action declaration for `createTask`. +- `MarkTaskAsDone` is a generic type that Wasp automatically generated based on the Action declaration for `markTaskAsDone`. + +You can use these types to specify the Action's input and output types. + +The Action `createTask` expects to get an object of type `{ description: string }` and returns the newly created task (an object of type `Task`). + +The Action `markTaskAsDone`, expects an object of type `{ id: number }` and doesn't return anything (i.e., its return type is `void`). + +We've derived most of the payload types from the type `Task`. + +Annotating the Actions is optional, but highly recommended. Doing so enables **full-stack type safety**. We'll see what this means when calling the Action from the client. + +:::tip +Wasp uses [superjson](https://github.com/blitz-js/superjson) under the hood. In other words, you don't need to limit yourself to only sending and receiving JSON payloads. + +Send and receive any superjson-compatible payload (e.g., Dates, Sets, Lists, circular references, etc.) and let Wasp take care of the (de)serialization. + +As long as you're annotating your Actions with correct automatically generated types, TypeScript ensures your payloads are valid (i.e., that Wasp knows how to serialize and deserialize them). +::: + + + + + + +For a detailed explanation of the Action definition API (i.e., arguments and return values), check the [API Reference](#api-reference). + + + +### Using Actions + +To use an Action, you can import it from `wasp/client/operations` and call it directly. As mentioned, the usage doesn't change depending on whether you're on the server or the client: + + + + +```js +import { createTask, markTasAsDone } from 'wasp/client/operations' + +// ... + +const newTask = await createTask({ description: 'Learn TypeScript' }) +await markTasAsDone({ id: 1 }) +``` + + + + +```ts +import { createTask, markTasAsDone } from 'wasp/client/operations' + +// TypeScript automatically infers the return values and type-checks +// the payloads. +const newTask = await createTask({ description: 'Keep learning TypeScript' }) +await markTasAsDone({ id: 1 }) +``` + + + + +When using Actions on the client, you'll most likely want to use them inside a component: + + + + +```jsx title=src/pages/Task.jsx +import React from 'react' +// highlight-next-line +import { useQuery, getTask, markTaskAsDone } from 'wasp/client/operations' + +export const TaskPage = ({ id }) => { + const { data: task } = useQuery(getTask, { id }) + + if (!task) { + return

    "Loading"

    + } + + const { description, isDone } = task + return ( +
    +

    + Description: + {description} +

    +

    + Is done: + {isDone ? 'Yes' : 'No'} +

    + {isDone || ( + // highlight-next-line + + )} +
    + ) +} +``` + +     + + +```tsx title=src/pages/Task.tsx +import React from 'react' +// highlight-next-line +import { useQuery, getTask, markTaskAsDone } from 'wasp/client/operations' + +export const TaskPage = ({ id }: { id: number }) => { + const { data: task } = useQuery(getTask, { id }) + + if (!task) { + return

    "Loading"

    + } + + const { description, isDone } = task + return ( +
    +

    + Description: + {description} +

    +

    + Is done: + {isDone ? 'Yes' : 'No'} +

    + {isDone || ( + // highlight-next-line + + )} +
    + ) +} +``` + +     +     + +Since Actions don't require reactivity, they are safe to use inside components without a hook. Still, Wasp provides comes with the `useAction` hook you can use to enhance actions. Read all about it in the [API Reference](#api-reference). + +### Error Handling + +For security reasons, all exceptions thrown in the Action's NodeJS implementation are sent to the client as responses with the HTTP status code `500`, with all other details removed. +Hiding error details by default helps against accidentally leaking possibly sensitive information over the network. + +If you do want to pass additional error information to the client, you can construct and throw an appropriate `HttpError` in your implementation: + + + + +```js title=src/actions.js +import { HttpError } from 'wasp/server' + +export const createTask = async (args, context) => { + throw new HttpError( + 403, // status code + "You can't do this!", // message + { foo: 'bar' } // data + ) +} +``` + + + + +```ts title=src/actions.ts +import { type CreateTask } from 'wasp/server/operations' +import { HttpError } from 'wasp/server' + +export const createTask: CreateTask = async (args, context) => { + throw new HttpError( + 403, // status code + "You can't do this!", // message + { foo: 'bar' } // data + ) +} +``` + + + + +### Using Entities in Actions + +In most cases, resources used in Actions will be [Entities](../../data-model/entities.md). +To use an Entity in your Action, add it to the `action` declaration in Wasp: + + + + +```wasp {4,9} title="main.wasp" + +action createTask { + fn: import { createTask } from "@src/actions.js", + entities: [Task] +} + +action markTaskAsDone { + fn: import { markTaskAsDone } from "@src/actions.js", + entities: [Task] +} +``` + + + + +```wasp {4,9} title="main.wasp" + +action createTask { + fn: import { createTask } from "@src/actions.js", + entities: [Task] +} + +action markTaskAsDone { + fn: import { markTaskAsDone } from "@src/actions.js", + entities: [Task] +} +``` + + + + +Wasp will inject the specified Entity into the Action's `context` argument, giving you access to the Entity's Prisma API. +Wasp invalidates frontend Query caches by looking at the Entities used by each Action/Query. Read more about Wasp's smart cache invalidation [here](#cache-invalidation). + + + + +```js title="src/actions.js" +// The 'args' object is the payload sent by the caller (most often from the client) +export const createTask = async (args, context) => { + const newTask = await context.entities.Task.create({ + data: { + description: args.description, + isDone: false, + }, + }) + return newTask +} + +export const markTaskAsDone = async (args, context) => { + await context.entities.Task.update({ + where: { id: args.id }, + data: { isDone: true }, + }) +} +``` + + + + +```ts title="src/actions.ts" +import { type CreateTask, type MarkTaskAsDone } from 'wasp/server/operations' +import { type Task } from 'wasp/entities' + +// The 'args' object is the payload sent by the caller (most often from the client) +export const createTask: CreateTask, Task> = async ( + args, + context +) => { + const newTask = await context.entities.Task.create({ + data: { + description: args.description, + isDone: false, + }, + }) + return newTask +} + +export const markTaskAsDone: MarkTaskAsDone, void> = async ( + args, + context +) => { + await context.entities.Task.update({ + where: { id: args.id }, + data: { isDone: true }, + }) +} +``` + +Again, annotating the Actions is optional, but greatly improves **full-stack type safety**. + + + + +The object `context.entities.Task` exposes `prisma.task` from [Prisma's CRUD API](https://www.prisma.io/docs/reference/tools-and-interfaces/prisma-client/crud). + +## Cache Invalidation + +One of the trickiest parts of managing a web app's state is making sure the data returned by the Queries is up to date. +Since Wasp uses _react-query_ for Query management, we must make sure to invalidate Queries (more specifically, their cached results managed by _react-query_) whenever they become stale. + +It's possible to invalidate the caches manually through several mechanisms _react-query_ provides (e.g., refetch, direct invalidation). +However, since manual cache invalidation quickly becomes complex and error-prone, Wasp offers a faster and a more effective solution to get you started: **automatic Entity-based Query cache invalidation**. +Because Actions can (and most often do) modify the state while Queries read it, Wasp invalidates a Query's cache whenever an Action that uses the same Entity is executed. + +For example, if the Action `createTask` and Query `getTasks` both use the Entity `Task`, executing `createTask` may cause the cached result of `getTasks` to become outdated. In response, Wasp will invalidate it, causing `getTasks` to refetch data from the server and update it. + +In practice, this means that Wasp keeps the Queries "fresh" without requiring you to think about cache invalidation. + +On the other hand, this kind of automatic cache invalidation can become wasteful (some updates might not be necessary) and will only work for Entities. If that's an issue, you can use the mechanisms provided by _react-query_ for now, and expect more direct support in Wasp for handling those use cases in a nice, elegant way. + +If you wish to optimistically set cache values after performing an Action, you can do so using [optimistic updates](https://stackoverflow.com/a/33009713). Configure them using Wasp's [useAction hook](#the-useaction-hook-and-optimistic-updates). This is currently the only manual cache invalidation mechanism Wasps supports natively. For everything else, you can always rely on _react-query_. + +## Differences Between Queries and Actions + +Actions and Queries are two closely related concepts in Wasp. They might seem to perform similar tasks, but Wasp treats them differently, and each concept represents a different thing. + +Here are the key differences between Queries and Actions: + +1. Actions can (and often should) modify the server's state, while Queries are only permitted to read it. Wasp relies on you adhering to this convention when performing cache invalidations, so it's crucial to follow it. +2. Actions don't need to be reactive, so you can call them directly. However, Wasp does provide a [`useAction` React hook](#the-useaction-hook-and-optimistic-updates) for adding extra behavior to the Action (like optimistic updates). +3. `action` declarations in Wasp are mostly identical to `query` declarations. The only difference lies in the declaration's name. + +## API Reference + +### Declaring Actions in Wasp + +The `action` declaration supports the following fields: + +- `fn: ExtImport` + + The import statement of the Action's NodeJs implementation. + +- `entities: [Entity]` + + A list of entities you wish to use inside your Action. + For instructions on using Entities in Actions, take a look at [the guide](#using-entities-in-actions). + +#### Example + + + + +Declaring the Action: + +```wasp +query createFoo { + fn: import { createFoo } from "@src/actions.js" + entities: [Foo] +} +``` + +Enables you to import and use it anywhere in your code (on the server or the client): + +```js +import { createFoo } from 'wasp/client/operations' +``` + + + + +Declaring the Action: + +```wasp +query createFoo { + fn: import { createFoo } from "@src/actions.js" + entities: [Foo] +} +``` + +Enables you to import and use it anywhere in your code (on the server or the client): + +```ts +// Use it on the client +import { createFoo } from 'wasp/client/operations' + +// Use it on the server +import { createFoo } from 'wasp/server/operations' +``` + +As well as the following type import on the server: + +```ts +import { type CreateFoo } from 'wasp/server/operations' +``` + + + + +### Implementing Actions + +The Action's implementation is a NodeJS function that takes two arguments (it can be an `async` function if you need to use the `await` keyword). +Since both arguments are positional, you can name the parameters however you want, but we'll stick with `args` and `context`: + +1. `args` (type depends on the Action) + + An object containing the data **passed in when calling the Action** (e.g., filtering conditions). + Check [the usage examples](#using-actions) to see how to pass this object to the Action. + +2. `context` (type depends on the Action) + + An additional context object **passed into the Action by Wasp**. This object contains user session information, as well as information about entities. Check the [section about using entities in Actions](#using-entities-in-actions) to see how to use the entities field on the `context` object, or the [auth section](../../auth/overview#using-the-contextuser-object) to see how to use the `user` object. + + + +After you [declare the Action](#declaring-actions), Wasp generates a generic type you can use when defining its implementation. +For the Action declared as `createSomething`, the generated type is called `CreateSomething`: + +```ts +import { type CreateSomething } from 'wasp/server/operations' +``` + +It expects two (optional) type arguments: + +1. `Input` + + The type of the `args` object (i.e., the Action's input payload). The default value is `never`. + +2. `Output` + + The type of the Action's return value (i.e., the Action's output payload). The default value is `unknown`. + +The defaults were chosen to make the type signature as permissive as possible. If don't want your Action to take/return anything, use `void` as a type argument. + + + +#### Example + + + + +The following Action: + +```wasp +action createFoo { + fn: import { createFoo } from "@src/actions.js" + entities: [Foo] +} +``` + +Expects to find a named export `createfoo` from the file `src/actions.js` + +```js title=actions.js +export const createFoo = (args, context) => { + // implementation +} +``` + + + + +The following Action: + +```wasp +action createFoo { + fn: import { createFoo } from "@src/actions.js" + entities: [Foo] +} +``` + +Expects to find a named export `createfoo` from the file `src/actions.js` + +You can use the generated type `CreateFoo` and specify the Action's inputs and outputs using its type arguments. + +```ts title=actions.ts +import { type CreateFoo } from 'wasp/server/operations' + +type Foo = // ... + +export const createFoo: CreateFoo<{ bar: string }, Foo> = (args, context) => { + // implementation +}; +``` + +In this case, the Action expects to receive an object with a `bar` field of type `string` (this is the type of `args`), and return a value of type `Foo` (this must match the type of the Action's return value). + + + + +### The `useAction` Hook and Optimistic Updates + +Make sure you understand how [Queries](../../data-model/operations/queries.md) and [Cache Invalidation](#cache-invalidation) work before reading this chapter. + +When using Actions in components, you can enhance them with the help of the `useAction` hook. This hook comes bundled with Wasp, and is used for decorating Wasp Actions. +In other words, the hook returns a function whose API matches the original Action while also doing something extra under the hood (depending on how you configure it). + +The `useAction` hook accepts two arguments: + +- `actionFn` + + The Wasp Action (i.e., the client-side Action function generated by Wasp based on a Action declaration) you wish to enhance. + +- `actionOptions` + + An object configuring the extra features you want to add to the given Action. While this argument is technically optional, there is no point in using the `useAction` hook without providing it (it would be the same as using the Action directly). The Action options object supports the following fields: + + - `optimisticUpdates` + + An array of objects where each object defines an [optimistic update](https://stackoverflow.com/a/33009713) to perform on the Query cache. To define an optimistic update, you must specify the following properties: + + - `getQuerySpecifier` + + A function returning the Query specifier (i.e., a value used to address the Query you want to update). A Query specifier is an array specifying the query function and arguments. For example, to optimistically update the Query used with `useQuery(fetchFilteredTasks, {isDone: true }]`, your `getQuerySpecifier` function would have to return the array `[fetchFilteredTasks, { isDone: true}]`. Wasp will forward the argument you pass into the decorated Action to this function (i.e., you can use the properties of the added/changed item to address the Query). + + - `updateQuery` + + The function used to perform the optimistic update. It should return the desired state of the cache. Wasp will call it with the following arguments: + + - `item` - The argument you pass into the decorated Action. + - `oldData` - The currently cached value for the Query identified by the specifier. + +:::caution +The `updateQuery` function must be a pure function. It must return the desired cache value identified by the `getQuerySpecifier` function and _must not_ perform any side effects. + +Also, make sure you only update the Query caches affected by your Action causing the optimistic update (Wasp cannot yet verify this). + +Finally, your implementation of the `updateQuery` function should work correctly regardless of the state of `oldData` (e.g., don't rely on array positioning). If you need to do something else during your optimistic update, you can directly use _react-query_'s lower-level API (read more about it [here](#advanced-usage)). +::: + +Here's an example showing how to configure the Action `markTaskAsDone` that toggles a task's `isDone` status to perform an optimistic update: + + + + +```jsx title=src/pages/Task.jsx +import React from 'react' +import { + useQuery, + useAction, + getTask, + markTaskAsDone, +} from 'wasp/client/operations' + +const TaskPage = ({ id }) => { + const { data: task } = useQuery(getTask, { id }) + // highlight-start + const markTaskAsDoneOptimistically = useAction(markTaskAsDone, { + optimisticUpdates: [ + { + getQuerySpecifier: ({ id }) => [getTask, { id }], + updateQuery: (_payload, oldData) => ({ ...oldData, isDone: true }), + }, + ], + }) + // highlight-end + + if (!task) { + return

    "Loading"

    + } + + const { description, isDone } = task + return ( +
    +

    + Description: + {description} +

    +

    + Is done: + {isDone ? 'Yes' : 'No'} +

    + {isDone || ( + + )} +
    + ) +} + +export default TaskPage +``` + +     + + +```tsx title=src/pages/Task.tsx +import React from 'react' +import { + useQuery, + useAction, + type OptimisticUpdateDefinition, + getTask, + markTaskAsDone, +} from 'wasp/client/operations' + +type TaskPayload = Pick; + +const TaskPage = ({ id }: { id: number }) => { + const { data: task } = useQuery(getTask, { id }); + // highlight-start + const markTaskAsDoneOptimistically = useAction(markTaskAsDone, { + optimisticUpdates: [ + { + getQuerySpecifier: ({ id }) => [getTask, { id }], + updateQuery: (_payload, oldData) => ({ ...oldData, isDone: true }), + } as OptimisticUpdateDefinition, + ], + }); + // highlight-end + + if (!task) { + return

    "Loading"

    ; + } + + const { description, isDone } = task; + return ( +
    +

    + Description: + {description} +

    +

    + Is done: + {isDone ? "Yes" : "No"} +

    + {isDone || ( + + )} +
    + ); +}; + +export default TaskPage; +``` + +     +     + +#### Advanced usage + +The `useAction` hook currently only supports specifying optimistic updates. You can expect more features in future versions of Wasp. + +Wasp's optimistic update API is deliberately small and focuses exclusively on updating Query caches (as that's the most common use case). You might need an API that offers more options or a higher level of control. If that's the case, instead of using Wasp's `useAction` hook, you can use _react-query_'s `useMutation` hook and directly work with [their low-level API](https://tanstack.com/query/v4/docs/guides/optimistic-updates?from=reactQueryV3&original=https://react-query-v3.tanstack.com/guides/optimistic-updates). + +If you decide to use _react-query_'s API directly, you will need access to Query cache key. Wasp internally uses this key but abstracts it from the programmer. Still, you can easily obtain it by accessing the `queryCacheKey` property on any Query: + + + + +```js +import { getTasks } from 'wasp/client/operations' + +const queryKey = getTasks.queryCacheKey +``` + + + + +```ts +import { getTasks } from 'wasp/client/operations' + +const queryKey = getTasks.queryCacheKey +``` + + + diff --git a/web/versioned_docs/version-0.13.11/data-model/operations/overview.md b/web/versioned_docs/version-0.13.11/data-model/operations/overview.md new file mode 100644 index 0000000000..2bf1fa44d5 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/data-model/operations/overview.md @@ -0,0 +1,12 @@ +--- +title: Overview +--- + +import { Required } from '@site/src/components/Tag'; + +While Entities enable help you define your app's data model and relationships, Operations are all about working with this data. + +There are two kinds of Operations: [Queries](../../data-model/operations/queries.md) and [Actions](../../data-model/operations/actions.md). As their names suggest, +Queries are meant for reading data, and Actions are meant for changing it (either by updating existing entries or creating new ones). + +Keep reading to find out all there is to know about Operations in Wasp. diff --git a/web/versioned_docs/version-0.13.11/data-model/operations/queries.md b/web/versioned_docs/version-0.13.11/data-model/operations/queries.md new file mode 100644 index 0000000000..c41733465f --- /dev/null +++ b/web/versioned_docs/version-0.13.11/data-model/operations/queries.md @@ -0,0 +1,648 @@ +--- +title: Queries +--- + +import { Required } from '@site/src/components/Tag'; +import { ShowForTs } from '@site/src/components/TsJsHelpers'; +import SuperjsonNote from './\_superjson-note.md'; + +We'll explain what Queries are and how to use them. If you're looking for a detailed API specification, skip ahead to the [API Reference](#api-reference). + +You can use Queries to fetch data from the server. They shouldn't modify the server's state. +Fetching all comments on a blog post, a list of users that liked a video, information about a single product based on its ID... All of these are perfect use cases for a Query. + +:::tip +Queries are fairly similar to Actions in terms of their API. +Therefore, if you're already familiar with Actions, you might find reading the entire guide repetitive. + +We instead recommend skipping ahead and only reading [the differences between Queries and Actions](../../data-model/operations/actions#differences-between-queries-and-actions), and consulting the [API Reference](#api-reference) as needed. +::: + +## Working with Queries + +You declare queries in the `.wasp` file and implement them using NodeJS. Wasp not only runs these queries within the server's context but also creates code that enables you to call them from any part of your codebase, whether it's on the client or server side. + +This means you don't have to build an HTTP API for your query, manage server-side request handling, or even deal with client-side response handling and caching. +Instead, just concentrate on implementing the business logic inside your query, and let Wasp handle the rest! + +To create a Query, you must: + +1. Declare the Query in Wasp using the `query` declaration. +2. Define the Query's NodeJS implementation. + +After completing these two steps, you'll be able to use the Query from any point in your code. + +### Declaring Queries + +To create a Query in Wasp, we begin with a `query` declaration. + +Let's declare two Queries - one to fetch all tasks, and another to fetch tasks based on a filter, such as whether a task is done: + + + + +```wasp title="main.wasp" +// ... + +query getAllTasks { + fn: import { getAllTasks } from "@src/queries.js" +} + +query getFilteredTasks { + fn: import { getFilteredTasks } from "@src/queries.js" +} +``` + + + + +```wasp title="main.wasp" +// ... + +query getAllTasks { + fn: import { getAllTasks } from "@src/queries.js" +} + +query getFilteredTasks { + fn: import { getFilteredTasks } from "@src/queries.js" +} +``` + + + + + + +If you want to know about all supported options for the `query` declaration, take a look at the [API Reference](#api-reference). + + + +The names of Wasp Queries and their implementations don't need to match, but we'll keep them the same to avoid confusion. + +:::info +You might have noticed that we told Wasp to import Query implementations that don't yet exist. Don't worry about that for now. We'll write the implementations imported from `queries.{js,ts}` in the next section. + +It's a good idea to start with the high-level concept (i.e., the Query declaration in the Wasp file) and only then deal with the implementation details (i.e., the Query's implementation in JavaScript). +::: + +After declaring a Wasp Query, two important things happen: + +- Wasp **generates a server-side NodeJS function** that shares its name with the Query. + +- Wasp **generates a client-side JavaScript function** that shares its name with the Query (e.g., `getFilteredTasks`). + This function takes a single optional argument - an object containing any serializable data you wish to use inside the Query. + Wasp will send this object over the network and pass it into the Query's implementation as its first positional argument (more on this when we look at the implementations). + Such an abstraction works thanks to an HTTP API route handler Wasp generates on the server, which calls the Query's NodeJS implementation under the hood. + +Generating these two functions ensures a uniform calling interface across the entire app (both client and server). + +### Implementing Queries in Node + +Now that we've declared the Query, what remains is to implement it. +We've instructed Wasp to look for the Queries' implementations in the file `src/queries.{js,ts}`, so that's where we should export them from. + +Here's how you might implement the previously declared Queries `getAllTasks` and `getFilteredTasks`: + + + + +```js title="src/queries.js" +// our "database" +const tasks = [ + { id: 1, description: 'Buy some eggs', isDone: true }, + { id: 2, description: 'Make an omelette', isDone: false }, + { id: 3, description: 'Eat breakfast', isDone: false }, +] + +// You don't need to use the arguments if you don't need them +export const getAllTasks = () => { + return tasks +} + +// The 'args' object is something sent by the caller (most often from the client) +export const getFilteredTasks = (args) => { + const { isDone } = args + return tasks.filter((task) => task.isDone === isDone) +} +``` + + + + + + +```ts title="src/queries.ts" +import { type GetAllTasks, type GetFilteredTasks } from 'wasp/server/operations' + +type Task = { + id: number + description: string + isDone: boolean +} + +// our "database" +const tasks: Task[] = [ + { id: 1, description: 'Buy some eggs', isDone: true }, + { id: 2, description: 'Make an omelette', isDone: false }, + { id: 3, description: 'Eat breakfast', isDone: false }, +] + +// You don't need to use the arguments if you don't need them +export const getAllTasks: GetAllTasks = () => { + return tasks +} + +// The 'args' object is something sent by the caller (most often from the client) +export const getFilteredTasks: GetFilteredTasks< + Pick, + Task[] +> = (args) => { + const { isDone } = args + return tasks.filter((task) => task.isDone === isDone) +} +``` + +Wasp automatically generates the types `GetTasks` and `GetFilteredTasks` based on your Wasp file's declarations: + +- `GetTasks` is a generic type automatically generated by Wasp, based on the Query declaration for `getTasks`. +- `GetFilteredTasks` is also a generic type automatically generated by Wasp, based on the Query declaration for `getFilteredTasks`. + +You can utilize these types to define the input and output types for your Query. + +For example, the Query `getTasks` doesn't expect any arguments (its input type is `void`), but it does return a list of tasks (its output type is `Task[]`). + +On the other hand, the Query `getFilteredTasks` expects an object of type `{ isDone: boolean }`. This type is derived from the `Task` type. + +While annotating the Queries is optional, it's highly recommended. Doing so enables **full-stack type safety**. We'll explore what this means when we discuss calling the Query from the client. + + + + + + + + +For a detailed explanation of the Query definition API (i.e., arguments and return values), check the [API Reference](#api-reference). + + + +### Using Queries + +To use a Query, you can import it from `wasp/client/operations` and call it directly. As mentioned, the usage doesn't change depending on whether you're on the server or the client: + + + + +```js +import { getAllTasks, getFilteredTasks } from 'wasp/client/operations' + +// ... + +const allTasks = await getAllTasks() +const doneTasks = await getFilteredTasks({ isDone: true }) +``` + + + + +```ts +import { getAllTasks, getFilteredTasks } from 'wasp/client/operations' + +// TypeScript automatically infers the return values and type-checks +// the payloads. +const allTasks = await getAllTasks() +const doneTasks = await getFilteredTasks({ isDone: true }) +``` + + + + +#### The `useQuery` hook + +When using Queries on the client, you can make them reactive with the `useQuery` hook. +This hook comes bundled with Wasp and is a thin wrapper around the `useQuery` hook from [_react-query_](https://github.com/tannerlinsley/react-query). The only difference is that you don't need to supply the key - Wasp handles this for you automatically. + +Here's an example of calling the Queries using the `useQuery` hook: + + + + +```jsx title=src/MainPage.jsx +import React from 'react' +import { useQuery, getAllTasks, getFilteredTasks } from 'wasp/client/operations' + +const MainPage = () => { + const { data: allTasks, error: error1 } = useQuery(getAllTasks) + const { data: doneTasks, error: error2 } = useQuery(getFilteredTasks, { + isDone: true, + }) + + if (error1 !== null || error2 !== null) { + return
    There was an error
    + } + + return ( +
    +

    All Tasks

    + {allTasks && allTasks.length > 0 + ? allTasks.map((task) => ) + : 'No tasks'} + +

    Finished Tasks

    + {doneTasks && doneTasks.length > 0 + ? doneTasks.map((task) => ) + : 'No finished tasks'} +
    + ) +} + +const Task = ({ description, isDone }: Task) => { + return ( +
    +

    + Description: + {description} +

    +

    + Is done: + {isDone ? 'Yes' : 'No'} +

    +
    + ) +} + +export default MainPage +``` + +     + + +```tsx title=src/MainPage.tsx +import React from 'react' +import { type Task } from 'wasp/entities' +import { useQuery, getAllTasks, getFilteredTasks } from 'wasp/client/operations' + +const MainPage = () => { + // TypeScript will automatically infer and type-check payload types. + const { data: allTasks, error: error1 } = useQuery(getAllTasks) + const { data: doneTasks, error: error2 } = useQuery(getFilteredTasks, { + isDone: true, + }) + + if (error1 !== null || error2 !== null) { + return
    There was an error
    + } + + return ( +
    +

    All Tasks

    + {allTasks && allTasks.length > 0 + ? allTasks.map((task) => ) + : 'No tasks'} + +

    Finished Tasks

    + {doneTasks && doneTasks.length > 0 + ? doneTasks.map((task) => ) + : 'No finished tasks'} +
    + ) +} + +const Task = ({ description, isDone }: Task) => { + return ( +
    +

    + Description: + {description} +

    +

    + Is done: + {isDone ? 'Yes' : 'No'} +

    +
    + ) +} + +export default MainPage +``` + +Notice how you don't need to annotate the Query's return value type. Wasp automatically infers the from the Query's backend implementation. This is **full-stack type safety**: the types on the client always match the types on the server. + +     +     + + + +For a detailed specification of the `useQuery` hook, check the [API Reference](#api-reference). + + + +### Error Handling + +For security reasons, all exceptions thrown in the Query's NodeJS implementation are sent to the client as responses with the HTTP status code `500`, with all other details removed. +Hiding error details by default helps against accidentally leaking possibly sensitive information over the network. + +If you do want to pass additional error information to the client, you can construct and throw an appropriate `HttpError` in your implementation: + + + + +```js title=src/queries.js +import { HttpError } from 'wasp/server' + +export const getAllTasks = async (args, context) => { + throw new HttpError( + 403, // status code + "You can't do this!", // message + { foo: 'bar' } // data + ) +} +``` + + + + +```ts title=src/queries.ts +import { type GetAllTasks } from 'wasp/server/operations' +import { HttpError } from 'wasp/server' + +export const getAllTasks: GetAllTasks = async (args, context) => { + throw new HttpError( + 403, // status code + "You can't do this!", // message + { foo: 'bar' } // data + ) +} +``` + + + + +If the status code is `4xx`, the client will receive a response object with the corresponding `message` and `data` fields, and it will rethrow the error (including these fields). +To prevent information leakage, the server won't forward these fields for any other HTTP status codes. + +### Using Entities in Queries + +In most cases, resources used in Queries will be [Entities](../../data-model/entities.md). +To use an Entity in your Query, add it to the `query` declaration in Wasp: + + + + +```wasp {4,9} title="main.wasp" + +query getAllTasks { + fn: import { getAllTasks } from "@src/queries.js", + entities: [Task] +} + +query getFilteredTasks { + fn: import { getFilteredTasks } from "@src/queries.js", + entities: [Task] +} +``` + + + + +```wasp {4,9} title="main.wasp" + +query getAllTasks { + fn: import { getAllTasks } from "@src/queries.js", + entities: [Task] +} + +query getFilteredTasks { + fn: import { getFilteredTasks } from "@src/queries.js", + entities: [Task] +} +``` + + + + +Wasp will inject the specified Entity into the Query's `context` argument, giving you access to the Entity's Prisma API: + + + + +```js title="src/queries.js" +export const getAllTasks = async (args, context) => { + return context.entities.Task.findMany({}) +} + +export const getFilteredTasks = async (args, context) => { + return context.entities.Task.findMany({ + where: { isDone: args.isDone }, + }) +} +``` + + + + +```ts title="src/queries.ts" +import { type Task } from 'wasp/entities' +import { type GetAllTasks, type GetFilteredTasks } from 'wasp/server/operations' + +export const getAllTasks: GetAllTasks = async (args, context) => { + return context.entities.Task.findMany({}) +} + +export const getFilteredTasks: GetFilteredTasks< + Pick, + Task[] +> = async (args, context) => { + return context.entities.Task.findMany({ + where: { isDone: args.isDone }, + }) +} +``` + +Again, annotating the Queries is optional, but greatly improves **full-stack type safety**. + + + + +The object `context.entities.Task` exposes `prisma.task` from [Prisma's CRUD API](https://www.prisma.io/docs/reference/tools-and-interfaces/prisma-client/crud). + +## API Reference + +### Declaring Queries + +The `query` declaration supports the following fields: + +- `fn: ExtImport` + + The import statement of the Query's NodeJs implementation. + +- `entities: [Entity]` + + A list of entities you wish to use inside your Query. + For instructions on using Entities in Queries, take a look at [the guide](#using-entities-in-queries). + +#### Example + + + + +Declaring the Query: + +```wasp +query getFoo { + fn: import { getFoo } from "@src/queries.js" + entities: [Foo] +} +``` + +Enables you to import and use it anywhere in your code (on the server or the client): + +```js +import { getFoo } from 'wasp/client/operations' +``` + + + + +Declaring the Query: + +```wasp +query getFoo { + fn: import { getFoo } from "@src/queries.js" + entities: [Foo] +} +``` + +Enables you to import and use it anywhere in your code (on the server or the client): + +```ts +// Use it on the client +import { getFoo } from 'wasp/client/operations' + +// Use it on the server +import { getFoo } from 'wasp/server/operations' +``` + +And also creates a type you can import on the server: + +```ts +import { type GetFoo } from 'wasp/server/operations' +``` + + + + +### Implementing Queries + +The Query's implementation is a NodeJS function that takes two arguments (it can be an `async` function if you need to use the `await` keyword). +Since both arguments are positional, you can name the parameters however you want, but we'll stick with `args` and `context`: + +1. `args` (type depends on the Query) + + An object containing the data **passed in when calling the query** (e.g., filtering conditions). + Check [the usage examples](#using-queries) to see how to pass this object to the Query. + +2. `context` (type depends on the Query) + + An additional context object **passed into the Query by Wasp**. This object contains user session information, as well as information about entities. Check the [section about using entities in Queries](#using-entities-in-queries) to see how to use the entities field on the `context` object, or the [auth section](../../auth/overview#using-the-contextuser-object) to see how to use the `user` object. + + + +After you [declare the query](#declaring-queries), Wasp generates a generic type you can use when defining its implementation. +For the Query declared as `getSomething`, the generated type is called `GetSomething`: + +```ts +import { type GetSomething } from 'wasp/server/operations' +``` + +It expects two (optional) type arguments: + +1. `Input` + + The type of the `args` object (i.e., the Query's input payload). The default value is `never`. + +2. `Output` + + The type of the Query's return value (i.e., the Query's output payload). The default value is `unknown`. + +The defaults were chosen to make the type signature as permissive as possible. If don't want your Query to take/return anything, use `void` as a type argument. + + + +#### Example + + + + +The following Query: + +```wasp +query getFoo { + fn: import { getFoo } from "@src/queries.js" + entities: [Foo] +} +``` + +Expects to find a named export `getFoo` from the file `src/queries.js` + +```js title=queries.js +export const getFoo = (args, context) => { + // implementation +} +``` + + + + +The following Query: + +```wasp +query getFoo { + fn: import { getFoo } from "@src/queries.js" + entities: [Foo] +} +``` + +Expects to find a named export `getFoo` from the file `src/queries.js` + +You can use the generated type `GetFoo` and specify the Query's inputs and outputs using its type arguments. + +```ts title=queries.ts +import { type GetFoo } from 'wasp/server/operations' + +type Foo = // ... + +export const getFoo: GetFoo<{ id: number }, Foo> = (args, context) => { + // implementation +}; +``` + +In this case, the Query expects to receive an object with an `id` field of type `number` (this is the type of `args`), and return a value of type `Foo` (this must match the type of the Query's return value). + + + + +### The `useQuery` Hook + +Wasp's `useQuery` hook is a thin wrapper around the `useQuery` hook from [_react-query_](https://github.com/tannerlinsley/react-query). +One key difference is that Wasp doesn't expect you to supply the cache key - it takes care of it under the hood. + +Wasp's `useQuery` hook accepts three arguments: + +- `queryFn` + + The client-side query function generated by Wasp based on a `query` declaration in your `.wasp` file. + +- `queryFnArgs` + + The arguments object (payload) you wish to pass into the Query. The Query's NodeJS implementation will receive this object as its first positional argument. + +- `options` + + A _react-query_ `options` object. Use this to change + [the default + behavior](https://react-query.tanstack.com/guides/important-defaults) for + this particular Query. If you want to change the global defaults, you can do + so in the [client setup function](../../project/client-config.md#overriding-default-behaviour-for-queries). + +For an example of usage, check [this section](#the-usequery-hook). diff --git a/web/versioned_docs/version-0.13.11/general/cli.md b/web/versioned_docs/version-0.13.11/general/cli.md new file mode 100644 index 0000000000..9288108957 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/general/cli.md @@ -0,0 +1,188 @@ +--- +title: CLI Reference +--- +This guide provides an overview of the Wasp CLI commands, arguments, and options. + +## Overview + +Once [installed](../quick-start), you can use the wasp command from your command line. + +If you run the `wasp` command without any arguments, it will show you a list of available commands and their descriptions: + +``` +USAGE + wasp [command-args] + +COMMANDS + GENERAL + new [] [args] Creates a new Wasp project. Run it without arguments for interactive mode. + OPTIONS: + -t|--template + Check out the templates list here: https://github.com/wasp-lang/starters + + new:ai [] + Uses AI to create a new Wasp project just based on the app name and the description. + You can do the same thing with `wasp new` interactively. + Run `wasp new:ai` for more info. + + version Prints current version of CLI. + waspls Run Wasp Language Server. Add --help to get more info. + completion Prints help on bash completion. + uninstall Removes Wasp from your system. + IN PROJECT + start Runs Wasp app in development mode, watching for file changes. + start db Starts managed development database for you. + db [args] Executes a database command. Run 'wasp db' for more info. + clean Deletes all generated code, all cached artifacts, and the node_modules dir. + Wasp equivalent of 'have you tried closing and opening it again?'. + build Generates full web app code, ready for deployment. Use when deploying or ejecting. + deploy Deploys your Wasp app to cloud hosting providers. + telemetry Prints telemetry status. + deps Prints the dependencies that Wasp uses in your project. + dockerfile Prints the contents of the Wasp generated Dockerfile. + info Prints basic information about the current Wasp project. + test Executes tests in your project. + studio (experimental) GUI for inspecting your Wasp app. + +EXAMPLES + wasp new MyApp + wasp start + wasp db migrate-dev + +Docs: https://wasp-lang.dev/docs +Discord (chat): https://discord.gg/rzdnErX +Newsletter: https://wasp-lang.dev/#signup +``` + +## Commands + +### Creating a New Project + - Use `wasp new` to start the interactive mode for setting up a new Wasp project. + + This will prompt you to input the project name and to select a template. The chosen template will then be used to generate the project directory with the specified name. + + ``` + $ wasp new + Enter the project name (e.g. my-project) β–Έ MyFirstProject + Choose a starter template + [1] basic (default) + Simple starter template with a single page. + [2] todo-ts + Simple but well-rounded Wasp app implemented with Typescript & full-stack type safety. + [3] saas + Everything a SaaS needs! Comes with Auth, ChatGPT API, Tailwind, Stripe payments and more. Check out https://opensaas.sh/ for more details. + [4] embeddings + Comes with code for generating vector embeddings and performing vector similarity search. + [5] ai-generated + πŸ€– Describe an app in a couple of sentences and have Wasp AI generate initial code for you. (experimental) + β–Έ 1 + + 🐝 --- Creating your project from the "basic" template... ------------------------- + + Created new Wasp app in ./MyFirstProject directory! + + To run your new app, do: + cd MyFirstProject + wasp db start + ``` + - To skip the interactive mode and create a new Wasp project with the default template, use `wasp new `. + + ``` + $ wasp new MyFirstProject + 🐝 --- Creating your project from the "basic" template... ------------------------- + + Created new Wasp app in ./MyFirstProject directory! + + To run your new app, do: + cd MyFirstProject + wasp db start + ``` +### Project Commands + - `wasp start` launches the Wasp app in development mode. It automatically opens a browser tab with your application running and watches for any changes to .wasp or files in `src/` to automatically reflect in the browser. It also shows messages from the web app, the server and the database on stdout/stderr. + - `wasp start db` starts the database for you. This can be very handy since you don't need to spin up your own database or provide its connection URL to the Wasp app. + - `wasp clean` removes all generated code and other cached artifacts. If using SQlite, it also deletes the SQlite database. Think of this as the Wasp version of the classic "turn it off and on again" solution. + + ``` + $ wasp clean + + 🐝 --- Deleting the .wasp/ directory... ------------------------------------------- + + βœ… --- Deleted the .wasp/ directory. ---------------------------------------------- + + 🐝 --- Deleting the node_modules/ directory... ------------------------------------ + + βœ… --- Deleted the node_modules/ directory. --------------------------------------- + ``` + + - `wasp build` generates the complete web app code, which is ready for [deployment](../advanced/deployment/overview). Use this command when you're deploying or ejecting. The generated code is stored in the `.wasp/build` folder. + + - `wasp deploy` makes it easy to get your app hosted on the web. + + Currently, Wasp offers support for [Fly.io](https://fly.io). If you prefer a different hosting provider, feel free to let us know on Discord or submit a PR by updating [this TypeScript app](https://github.com/wasp-lang/wasp/tree/main/waspc/packages/deploy). + + Read more about automatic deployment [here](../advanced/deployment/cli). + + - `wasp telemetry` displays the status of [telemetry](https://wasp-lang.dev/docs/telemetry). + + ``` + $ wasp telemetry + + Telemetry is currently: ENABLED + Telemetry cache directory: /home/user/.cache/wasp/telemetry/ + Last time telemetry data was sent for this project: 2021-05-27 09:21:16.79537226 UTC + Our telemetry is anonymized and very limited in its scope: check https://wasp-lang.dev/docs/telemetry for more details. + + ``` + - `wasp deps` lists the dependencies that Wasp uses in your project. + - `wasp info` provides basic details about the current Wasp project. + - `wasp studio` shows you an graphical overview of your application in a graph: pages, queries, actions, data model etc. + +### Database Commands +Wasp provides a suite of commands for managing the database. These commands all begin with `db` and primarily execute Prisma commands behind the scenes. + + - `wasp db migrate-dev` synchronizes the development database with the current state of the schema (entities). If there are any changes in the schema, it generates a new migration and applies any pending migrations to the database. + - The `--name foo` option allows you to specify a name for the migration, while the `--create-only` option lets you create an empty migration without applying it. + + - `wasp db studio` opens the GUI for inspecting your database. + + +### Bash Completion + +To set up Bash completion, run the `wasp completion` command and follow the instructions. + + +### Miscellaneous Commands + - `wasp version` displays the current version of the CLI. + + ``` + $ wasp version + + 0.12.0 + + If you wish to install/switch to the latest version of Wasp, do: + curl -sSL https://get.wasp-lang.dev/installer.sh | sh -s + + If you want specific x.y.z version of Wasp, do: + curl -sSL https://get.wasp-lang.dev/installer.sh | sh -s -- -v x.y.z + + Check https://github.com/wasp-lang/wasp/releases for the list of valid versions, including the latest one. + ``` + - `wasp uninstall` removes Wasp from your system. + + ``` + $ wasp uninstall + + 🐝 --- Uninstalling Wasp ... ------------------------------------------------------ + + We will remove the following directories: + {home}/.local/share/wasp-lang/ + {home}/.cache/wasp/ + + We will also remove the following files: + {home}/.local/bin/wasp + + Are you sure you want to continue? [y/N] + y + + βœ… --- Uninstalled Wasp ----------------------------------------------------------- + ``` diff --git a/web/versioned_docs/version-0.13.11/general/language.md b/web/versioned_docs/version-0.13.11/general/language.md new file mode 100644 index 0000000000..4e21b10ce4 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/general/language.md @@ -0,0 +1,88 @@ +--- +title: Wasp Language (.wasp) +--- + +Wasp language (what you write in .wasp files) is a declarative, statically typed, domain-specific language (DSL). + +It is a quite simple language, closer to JSON, CSS or SQL than to e.g. Javascript or Python, since it is not a general programming language, but more of a configuration language. + +It is pretty intuitive to learn (there isn't much to learn really!) and you can probably do just fine without reading this page and learning from the rest of the docs as you go, but if you want a bit more formal definition and deeper understanding of how it works, then read on! + +## Declarations + +The central point of Wasp language are **declarations**, and Wasp code is at the end just a bunch of declarations, each of them describing a part of your web app. + +```wasp +app MyApp { + title: "My app" +} + +route RootRoute { path: "/", to: DashboardPage } + +page DashboardPage { + component: import { DashboardPage } from "@src/Dashboard.jsx" +} +``` + +In the example above we described a web app via three declarations: `app MyApp { ... }`, `route RootRoute { ... }` and `page DashboardPage { ... }`. + +Syntax for writing a declaration is ` `, where: + +- `` is one of the declaration types offered by Wasp (`app`, `route`, ...) +- `` is an identifier chosen by you to name this specific declaration +- `` is the value/definition of the declaration itself, which has to match the specific declaration body type expected by the chosen declaration type. + +So, for `app` declaration above, we have: + +- declaration type `app` +- declaration name `MyApp` (we could have used any other identifier, like `foobar`, `foo_bar`, or `hi3Ho`) +- declaration body `{ title: "My app" }`, which is a dictionary with field `title` that has string value. + Type of this dictionary is in line with the declaration body type of the `app` declaration type. + If we provided something else, e.g. changed `title` to `little`, we would get a type error from Wasp compiler since that does not match the expected type of the declaration body for `app`. + +Each declaration has a meaning behind it that describes how your web app should behave and function. + +All the other types in Wasp language (primitive types (`string`, `number`), composite types (`dict`, `list`), enum types (`DbSystem`), ...) are used to define the declaration bodies. + +## Complete List of Wasp Types + +Wasp's type system can be divided into two main categories of types: **fundamental types** and **domain types**. + +While fundamental types are here to be basic building blocks of a language and are very similar to what you would see in other popular languages, domain types are what make Wasp special, as they model the concepts of a web app like `page`, `route` and similar. + +- Fundamental types ([source of truth](https://github.com/wasp-lang/wasp/blob/main/waspc/src/Wasp/Analyzer/Type.hs)) + - Primitive types + - **string** (`"foo"`, `"they said: \"hi\""`) + - **bool** (`true`, `false`) + - **number** (`12`, `14.5`) + - **declaration reference** (name of existing declaration: `TaskPage`, `updateTask`) + - **ExtImport** (external import) (`import Foo from "@src/bar.js"`, `import { Smth } from "@src/a/b.js"`) + - The path has to start with "@src". The rest is relative to the `src` directory. + - Import has to be a default import `import Foo` or a single named import `import { Foo }`. + - **json** (`{=json { a: 5, b: ["hi"] } json=}`) + - **psl** (Prisma Schema Language) (`{=psl psl=}`) + - Check [Prisma docs](https://www.prisma.io/docs/concepts/components/prisma-schema/data-model) for the syntax of psl data model. + - Composite types + - **dict** (dictionary) (`{ a: 5, b: "foo" }`) + - **list** (`[1, 2, 3]`) + - **tuple** (`(1, "bar")`, `(2, 4, true)`) + - Tuples can be of size 2, 3 and 4. +- Domain types ([source of truth](https://github.com/wasp-lang/wasp/blob/main/waspc/src/Wasp/Analyzer/StdTypeDefinitions.hs)) + - Declaration types + - **action** + - **api** + - **apiNamespace** + - **app** + - **entity** + - **job** + - **page** + - **query** + - **route** + - **crud** + - Enum types + - **DbSystem** + - **HttpMethod** + - **JobExecutor** + - **EmailProvider** + +You can find more details about each of the domain types, both regarding their body types and what they mean, in the corresponding doc pages covering their features. diff --git a/web/versioned_docs/version-0.13.11/introduction/editor-setup.md b/web/versioned_docs/version-0.13.11/introduction/editor-setup.md new file mode 100644 index 0000000000..f025eccd32 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/introduction/editor-setup.md @@ -0,0 +1,23 @@ +--- +title: Editor Setup +slug: /editor-setup +--- + +:::note +This page assumes you have already installed Wasp. If you do not have Wasp installed yet, check out the [Quick Start](./quick-start.md) guide. +::: + +Wasp comes with the Wasp language server, which gives supported editors powerful support and integration with the language. + +## VSCode + +Currently, Wasp only supports integration with VSCode. Install the [Wasp language extension](https://marketplace.visualstudio.com/items?itemName=wasp-lang.wasp) to get syntax highlighting and integration with the Wasp language server. + +The extension enables: +- syntax highlighting for `.wasp` files +- scaffolding of new project files +- code completion +- diagnostics (errors and warnings) +- go to definition + +and more! diff --git a/web/versioned_docs/version-0.13.11/introduction/introduction.md b/web/versioned_docs/version-0.13.11/introduction/introduction.md new file mode 100644 index 0000000000..f41f1b9168 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/introduction/introduction.md @@ -0,0 +1,203 @@ +--- +title: Introduction +slug: / +--- + +import ImgWithCaption from '@site/blog/components/ImgWithCaption' + +:::note +If you are looking for the installation instructions, check out the [Quick Start](./quick-start.md) section. +::: + +We will give a brief overview of what Wasp is, how it works on a high level and when to use it. + +## Wasp is a tool to build modern web applications + +It is an opinionated way of building **full-stack web applications**. It takes care of all three +major parts of a web application: **client** (front-end), **server** (back-end) and **database**. + +### Works well with your existing stack +Wasp is not trying to do everything at once but rather focuses on the complexity +which arises from connecting all the parts of the stack (client, server, database, deployment) together. + +Wasp is using **React**, **Node.js** and **Prisma** under the hood and relies on them to define web components and server queries and actions. + +### Wasp's secret sauce + +At the core is the Wasp compiler which takes the Wasp config and your Javascript code and outputs the client app, server app and deployment code. + + + + + +The cool thing about having a compiler that understands your code is that it can do a lot of things for you. + +Define your app in the Wasp config and get: +- login and signup with Auth UI components, +- full-stack type safety, +- e-mail sending, +- async processing jobs, +- React Query powered data fetching, +- security best practices, +- and more. + +You don't need to write any code for these features, Wasp will take care of it for you 🀯 And what's even better, Wasp also maintains the code for you, so you don't have to worry about keeping up with the latest security best practices. As Wasp updates, so does your app. + +## So what does the code look like? + +Let's say you want to build a web app that allows users to **create and share their favorite recipes**. + +Let's start with the main.wasp file: it is the central file of your app, where you describe the app from the high level. + +Let's give our app a title and let's immediately turn on the full-stack authentication via username and password: +```wasp title="main.wasp" +app RecipeApp { + title: "My Recipes", + wasp: { version: "^0.13.0" }, + auth: { + methods: { usernameAndPassword: {} }, + onAuthFailedRedirectTo: "/login", + userEntity: User + } +} +``` + +Let's then add the data models for your recipes. We will want to have Users and Users can own Recipes: + +```wasp title="main.wasp" +... + +entity User {=psl // Data models are defined using Prisma Schema Language. + id Int @id @default(autoincrement()) + recipes Recipe[] +psl=} + +entity Recipe {=psl + id Int @id @default(autoincrement()) + title String + description String? + userId Int + user User @relation(fields: [userId], references: [id]) +psl=} +``` + +Next, let's define how to do something with these data models! + +We do that by defining Operations, in this case a Query `getRecipes` and Action `addRecipe`, +which are in their essence a Node.js functions that execute on server and can, thanks to Wasp, very easily be called from the client. + +First, we define these Operations in our main.wasp file, so Wasp knows about them and can "beef them up": +```wasp title="main.wasp" +// Queries have automatic cache invalidation and are type-safe. +query getRecipes { + fn: import { getRecipes } from "@src/recipe/operations.ts", + entities: [Recipe], +} + +// Actions are type-safe and can be used to perform side-effects. +action addRecipe { + fn: import { addRecipe } from "@src/recipe/operations.ts", + entities: [Recipe], +} +``` + +... and then implement them in our Javascript (or TypeScript) code (we show just the query here, using TypeScript): + +```ts title="src/recipe/operations.ts" +// Wasp generates the types for you. +import { type GetRecipes } from "wasp/server/operations"; +import { type Recipe } from "wasp/entities"; + +export const getRecipes: GetRecipes<{}, Recipe[]> = async (_args, context) => { + return context.entities.Recipe.findMany( // Prisma query + { where: { user: { id: context.user.id } } } + ); +}; + +export const addRecipe ... +``` + +Now we can very easily use these in our React components! + +For the end, let's create a home page of our app. + +First we define it in main.wasp: +```wasp title="main.wasp" +... + +route HomeRoute { path: "/", to: HomePage } +page HomePage { + component: import { HomePage } from "@src/pages/HomePage", + authRequired: true // Will send user to /login if not authenticated. +} +``` + +and then implement it as a React component in JS/TS (that calls the Operations we previously defined): + +```tsx title="src/pages/HomePage.tsx" +import { useQuery, getRecipes } from "wasp/client/operations"; +import { type User } from "wasp/entities"; + +export function HomePage({ user }: { user: User }) { + // Due to full-stack type safety, `recipes` will be of type `Recipe[]` here. + const { data: recipes, isLoading } = useQuery(getRecipes); // Calling our query here! + + if (isLoading) { + return
    Loading...
    ; + } + + return ( +
    +

    Recipes

    +
      + {recipes ? recipes.map((recipe) => ( +
    • +
      {recipe.title}
      +
      {recipe.description}
      +
      • + )) : 'No recipes defined yet!'} +
    +
    + ); +} +``` + +And voila! We are listing all the recipes in our app πŸŽ‰ + +This was just a quick example to give you a taste of what Wasp is. For step by step tour through the most important Wasp features, check out the [Todo app tutorial](../tutorial/01-create.md). + +:::note +Above we skipped defining `/login` and `/signup` pages to keep the example a bit shorter, but those are very simple to do by using Wasp's Auth UI feature. +::: + +## When to use Wasp +Wasp is addressing the same core problems that typical web app frameworks are addressing, and it in big part [looks, swims and quacks](https://en.wikipedia.org/wiki/Duck_test) like a web app framework. + +### Best used for +- building full-stack web apps (like e.g. Airbnb or Asana) +- quickly starting a web app with industry best practices +- to be used alongside modern web dev stack (currently supported React and Node) + +### Avoid using Wasp for +- building static/presentational websites +- to be used as a no-code solution +- to be a solve-it-all tool in a single language + +## Wasp is a DSL + +:::note +You don't need to know what a DSL is to use Wasp, but if you are curious, you can read more about it below. +::: + +Wasp does not match typical expectations of a web app framework: it is not a set of libraries, it is instead a simple programming language that understands your code and can do a lot of things for you. + +Wasp is a programming language, but a specific kind: it is specialized for a single purpose: **building modern web applications**. We call such languages *DSL*s (Domain Specific Language). + +Other examples of *DSL*s that are often used today are e.g. *SQL* for databases and *HTML* for web page layouts. +The main advantage and reason why *DSL*s exist is that they need to do only one task (e.g. database queries) +so they can do it well and provide the best possible experience for the developer. + +The same idea stands behind Wasp - a language that will allow developers to **build modern web applications with 10x less code and less stack-specific knowledge**. diff --git a/web/versioned_docs/version-0.13.11/introduction/quick-start.md b/web/versioned_docs/version-0.13.11/introduction/quick-start.md new file mode 100644 index 0000000000..e33552e164 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/introduction/quick-start.md @@ -0,0 +1,150 @@ +--- +title: Quick Start +slug: /quick-start +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +## Installation + +Welcome, new Waspeteer 🐝! + +Let's create and run our first Wasp app in 3 short steps: + +1. **To install Wasp on Linux / OSX / WSL (Windows), open your terminal and run:** + + ```shell + curl -sSL https://get.wasp-lang.dev/installer.sh | sh + ``` + + ℹ️ Wasp requires Node.js and will warn you if it is missing: check below for [more details](#requirements). + +2. **Then, create a new app by running:** + + ```shell + wasp new + ``` + +3. **Finally, run the app:** + + ```shell + cd + wasp start + ``` + +That's it πŸŽ‰ You have successfully created and served a new full-stack web app at and Wasp is serving both frontend and backend for you. + +:::note Something Unclear? + Check [More Details](#more-details) section below if anything went wrong with the installation, or if you have additional questions. +::: + +:::tip Want an even faster start? + Try out [Wasp AI](../wasp-ai/creating-new-app.md) πŸ€– to generate a new Wasp app in minutes just from a title and short description! +::: + +:::tip Try Wasp Without Installing πŸ€”? + Give Wasp a spin in the browser without any setup by running our [Wasp Template for Gitpod](https://github.com/wasp-lang/gitpod-template) +::: + + +### What next? + + - [ ] πŸ‘‰ **Check out the [Todo App tutorial](../tutorial/01-create.md), which will take you through all the core features of Wasp!** πŸ‘ˆ + - [ ] [Setup your editor](./editor-setup.md) for working with Wasp. + - [ ] Join us on [Discord](https://discord.gg/rzdnErX)! Any feedback or questions you have, we are there for you. + - [ ] Follow Wasp development by subscribing to our newsletter: https://wasp-lang.dev/#signup . We usually send 1 per month, and [Matija](https://github.com/matijaSos) does his best to unleash his creativity to make them engaging and fun to read :D! + +------ + +## More details + +### Requirements + +You must have Node.js (and NPM) installed on your machine and available in `PATH`. +A version of Node.js must be >= 18. + +If you need it, we recommend using [nvm](https://github.com/nvm-sh/nvm) for managing your Node.js installation version(s). + +
    + + A quick guide on installing/using nvm + +
    + + Install nvm via your OS package manager (`apt`, `pacman`, `homebrew`, ...) or via the [nvm](https://github.com/nvm-sh/nvm#install--update-script) install script. + + Then, install a version of Node.js that you need: + ```shell + nvm install 20 + ``` + + Finally, whenever you need to ensure a specific version of Node.js is used, run: + ```shell + nvm use 20 + ``` + to set the Node.js version for the current shell session. + + You can run + ```shell + node -v + ``` + to check the version of Node.js currently being used in this shell session. + + Check NVM repo for more details: https://github.com/nvm-sh/nvm. + +
    +
    + + +### Installation + + + + +Open your terminal and run: + +```shell +curl -sSL https://get.wasp-lang.dev/installer.sh | sh +``` + +:::note Running Wasp on Mac with Mx chip (arm64) +**Experiencing the 'Bad CPU type in executable' issue on a device with arm64 (Apple Silicon)?** +Given that the wasp binary is built for x86 and not for arm64 (Apple Silicon), you'll need to install [Rosetta on your Mac](https://support.apple.com/en-us/HT211861) if you are using a Mac with Mx (M1, M2, ...). Rosetta is a translation process that enables users to run applications designed for x86 on arm64 (Apple Silicon). To install Rosetta, run the following command in your terminal +```bash +softwareupdate --install-rosetta +``` +Once Rosetta is installed, you should be able to run Wasp without any issues. +::: + + + + + +With Wasp for Windows, we are almost there: Wasp is successfully compiling and running on Windows but there is a bug or two stopping it from fully working. Check it out [here](https://github.com/wasp-lang/wasp/issues/48) if you are interested in helping. + +In the meantime, the best way to start using Wasp on Windows is by using [WSL](https://learn.microsoft.com/en-us/windows/wsl/install). Once you set up Ubuntu on WSL, just follow Linux instructions for installing Wasp. You can refer to this [article](https://wasp-lang.dev/blog/2023/11/21/guide-windows-development-wasp-wsl) if you prefer a step by step guide to using Wasp in WSL environment. If you need further help, reach out to us on [Discord](https://discord.gg/rzdnErX) - we have some community members using WSL that might be able to help you. +:::caution + If you are using WSL2, make sure that your Wasp project is not on the Windows file system, but instead on the Linux file system. Otherwise, Wasp won't be able to detect file changes, due to the [issue in WSL2](https://github.com/microsoft/WSL/issues/4739). +::: + + + + + +If the installer is not working for you or your OS is not supported, you can try building Wasp from the source. + +To install from source, you need to clone the [wasp repo](https://github.com/wasp-lang/wasp), install [Cabal](https://cabal.readthedocs.io/en/stable/getting-started.html) on your machine and then run `cabal install` from the `waspc/` dir. + +If you have never built Wasp before, this might take some time due to `cabal` downloading dependencies for the first time. + +Check [waspc/](https://github.com/wasp-lang/wasp/tree/main/waspc) for more details on building Wasp from the source. + + + diff --git a/web/versioned_docs/version-0.13.11/migrate-from-0-11-to-0-12.md b/web/versioned_docs/version-0.13.11/migrate-from-0-11-to-0-12.md new file mode 100644 index 0000000000..f9a6630508 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/migrate-from-0-11-to-0-12.md @@ -0,0 +1,1375 @@ +--- +title: Migration from 0.11.X to 0.12.X +--- + +import { EmailPill, UsernameAndPasswordPill, GithubPill, GooglePill } from "./auth/Pills"; + +:::note The latest version of Wasp is 0.13.X + +To fully migrate from 0.11.X to the latest version of Wasp, you should first migrate to **0.12.X and then to 0.13.X**. + +Make sure to read the [migration guide from 0.12.X to 0.13.X](./migrate-from-0-12-to-0-13.md) after you finish this one. + +::: + +## What's new in Wasp 0.12.0? + +### New project structure + +Here's a file tree of a fresh Wasp project created with the previous version of Wasp. +More precisely, this is what you'll get if you run `wasp new myProject` using Wasp 0.11.x: + +``` +. +β”œβ”€β”€ .gitignore +β”œβ”€β”€ main.wasp +β”œβ”€β”€ src +β”‚Β Β  β”œβ”€β”€ client +β”‚Β Β  β”‚Β Β  β”œβ”€β”€ Main.css +β”‚Β Β  β”‚Β Β  β”œβ”€β”€ MainPage.jsx +β”‚Β Β  β”‚Β Β  β”œβ”€β”€ react-app-env.d.ts +β”‚Β Β  β”‚Β Β  β”œβ”€β”€ tsconfig.json +β”‚Β Β  β”‚Β Β  └── waspLogo.png +β”‚Β Β  β”œβ”€β”€ server +β”‚Β Β  β”‚Β Β  └── tsconfig.json +β”‚Β Β  β”œβ”€β”€ shared +β”‚Β Β  β”‚Β Β  └── tsconfig.json +β”‚Β Β  └── .waspignore +└── .wasproot +``` + +Compare that with the file tree of a fresh Wasp project created with Wasp +0.12.0. In other words, this is what you will get by running `wasp new myProject` +from this point onwards: + +``` +. +β”œβ”€β”€ .gitignore +β”œβ”€β”€ main.wasp +β”œβ”€β”€ package.json +β”œβ”€β”€ public +β”‚Β Β  └── .gitkeep +β”œβ”€β”€ src +β”‚Β Β  β”œβ”€β”€ Main.css +β”‚Β Β  β”œβ”€β”€ MainPage.jsx +β”‚Β Β  β”œβ”€β”€ queries.ts +β”‚Β Β  β”œβ”€β”€ vite-env.d.ts +β”‚Β Β  β”œβ”€β”€ .waspignore +β”‚Β Β  └── waspLogo.png +β”œβ”€β”€ tsconfig.json +β”œβ”€β”€ vite.config.ts +└── .wasproot + +``` + +The main differences are: + +- The server/client code separation is no longer necessary. You can now organize + your code however you want, as long as it's inside the `src` directory. +- All external imports in your Wasp file must have paths starting with `@src` (e.g., `import foo from '@src/bar.js'`) + where `@src` refers to the `src` directory in your project root. The paths can + no longer start with `@server` or `@client`. +- Your project now features a top-level `public` dir. Wasp will publicly serve + all the files it finds in this directory. Read more about it + [here](https://wasp-lang.dev/docs/project/static-assets). + +Our [Overview docs](./tutorial/02-project-structure.md) explain the new +structure in detail, while this page provides a [quick guide](#migrating-your-project-to-the-new-structure) for migrating existing +projects. + +### New auth + +In Wasp 0.11.X, authentication was based on the `User` model which the developer needed to set up properly and take care of the auth fields like `email` or `password`. + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.11.0" + }, + title: "My App", + auth: { + userEntity: User, + externalAuthEntity: SocialLogin, + methods: { + gitHub: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) + // highlight-start + username String @unique + password String + externalAuthAssociations SocialLogin[] + // highlight-end +psl=} + + +// highlight-start +entity SocialLogin {=psl + id Int @id @default(autoincrement()) + provider String + providerId String + user User @relation(fields: [userId], references: [id], onDelete: Cascade) + userId Int + createdAt DateTime @default(now()) + @@unique([provider, providerId, userId]) +psl=} +// highlight-end +``` + +From 0.12.X onwards, authentication is based on the auth models which are automatically set up by Wasp. You don't need to take care of the auth fields anymore. + +The `User` model is now just a business logic model and you use it for storing the data that is relevant for your app. + +```wasp title="main.wasp" +app myApp { + wasp: { + version: "^0.12.0" + }, + title: "My App", + auth: { + userEntity: User, + methods: { + gitHub: {} + }, + onAuthFailedRedirectTo: "/login" + }, +} + +entity User {=psl + id Int @id @default(autoincrement()) +psl=} +``` + +:::caution Regression Note: Multiple Auth Identities per User + +With our old auth implementation, if you were using both Google and email auth methods, your users could sign up with Google first and then, later on, reset their password and therefore also enable logging in with their email and password. This was the only way in which a single user could have multiple login methods at the same time (Google and email). + +This is not possible anymore. **The new auth system doesn't support multiple login methods per user at the moment**. We do plan to add this soon though, with the introduction of the [account merging feature](https://github.com/wasp-lang/wasp/issues/954). + +If you have any users that have both Google and email login credentials at the same time, you will have to pick only one of those for that user to keep when migrating them. + +::: + +:::caution Regression Note: `_waspCustomValidations` is deprecated + +Auth field customization is no longer possible using the `_waspCustomValidations` on the `User` entity. This is a part of auth refactoring that we are doing to make it easier to customize auth. We will be adding more customization options in the future. + +::: + +You can read more about the new auth system in the [Auth Entities](./auth/entities) section. + +## How to Migrate? + +These instructions are for migrating your app from Wasp `0.11.X` to Wasp `0.12.X`, meaning they will work for all minor releases that fit this pattern (e.g., the guide applies to `0.12.0`, `0.12.1`, ...). + +The guide consists of two big steps: +1. Migrating your Wasp project to the new structure. +2. Migrating to the new auth. + +If you get stuck at any point, don't hesitate to ask for help on [our Discord server](https://discord.gg/rzdnErX). + +### Migrating Your Project to the New Structure + +You can easily migrate your old Wasp project to the new structure by following a +series of steps. Assuming you have a project called `foo` inside the +directory `foo`, you should: + +0. **Install the `0.12.x` version** of Wasp. + ```bash + curl -sSL https://get.wasp-lang.dev/installer.sh | sh -s -- -v 0.12.4 + ``` +1. Make sure to **backup or save your project** before starting the procedure (e.g., + by committing it to source control or creating a copy). +2. **Position yourself in the terminal** in the directory that is a parent of your wasp project directory (so one level above: if you do `ls`, you should see your wasp project dir listed). +3. **Run the migration script** (replace `foo` at the end with the name of your Wasp project directory) and follow the instructions: + ``` + npx wasp-migrate foo + ``` + +
    + + In case the migration script doesn't work well for you, you can do the same steps manually, as described here: + +
    + +1. Rename your project's root directory to something like `foo_old`. +2. Create a new project by running `wasp new foo`. +3. Delete all files of `foo/src` except `vite-env.d.ts`. +4. If `foo_old/src/client/public` exists and contains any files, copy those files into + `foo/public`. +5. Copy the contents of `foo_old/src` into `foo/src`. + `foo/src` should now contain `vite-env.d.ts`, `.waspignore`, and three subdirectories (`server`, `client`, and `shared`). + Don't change anything about this structure yet. +6. Delete redundant files and folders from `foo/src`: + - `foo/src/.waspignore` - A new version of this file already exists at the top level. + - `foo/src/client/vite-env.d.ts` - A new version of this file already exists at the top level. + - `foo/src/client/tsconfig.json` - A new version of this file already exists at the top level. + - `foo/src/server/tsconfig.json` - A new version of this file already exists at the top level. + - `foo/src/shared/tsconfig.json` - A new version of this file already exists at the top level. + - `foo/src/client/public` - You've moved all the files from this directory in step 5. +7. Update all the `@wasp` imports in your JS(X)/TS(X) source files in the `src/` dir. + + For this, we prepared a special script that will rewrite these imports automatically for you. + + Before doing this step, as the script will modify your JS(X)/TS(X) files in place, we advise committing + all changes you have so far, so you can then both easily inspect the import rewrites that our + script did (with `git diff`) and also revert them if something went wrong. + + To run the import-rewriting script, make sure you are in the root dir of your wasp project, and then run + ``` + npx jscodeshift@0.15.1 -t https://raw.githubusercontent.com/wasp-lang/wasp-codemod/main/src/transforms/imports-from-0-11-to-0-12.ts --extensions=js,ts,jsx,tsx src/ + ``` + + Then, check the changes it did, in case some kind of manual intervention is needed (in which case you should see TODO comments generated by the script). + + Alternatively, you can find all the mappings of old imports to the new ones in [this table](https://docs.google.com/spreadsheets/d/1QW-_16KRGTOaKXx9NYUtjk6m2TQ0nUMOA74hBthTH3g/edit#gid=1725669920) and use it to fix some/all of them manually. +8. Replace the Wasp file in `foo` (i.e., `main.wasp`) with the Wasp file from `foo_old` +9. Change the Wasp version field in your Wasp file (now residing in `foo`) to `"^0.12.0"`. +10. Correct external imports in your Wasp file (now residing in `foo`). + imports. You can do this by running search-and-replace inside the file: + + - Change all occurrences of `@server` to `@src/server` + - Change all occurrences of `@client` to `@src/client` + + For example, if you previously had something like: + + ```js + page LoginPage { + // highlight-next-line + // This previously resolved to src/client/LoginPage.js + // highlight-next-line + component: import Login from "@client/LoginPage" + } + + // ... + + query getTasks { + // highlight-next-line + // This previously resolved to src/server/queries.js + // highlight-next-line + fn: import { getTasks } from "@server/queries.js", + } + ``` + + You should change it to: + + ```js + page LoginPage { + // highlight-next-line + // This now resolves to src/client/LoginPage.js + // highlight-next-line + component: import Login from "@src/client/LoginPage" + } + + // ... + + query getTasks { + // highlight-next-line + // This now resolves to src/server/queries.js + // highlight-next-line + fn: import { getTasks } from "@src/server/queries.js", + } + ``` + + Do this for all external imports in your `.wasp` file. After you're done, there shouldn't be any occurrences of strings `"@server"` or `"@client"` + +11. Take all the dependencies from `app.dependencies` declaration in + `foo/main.wasp` and move them to `foo/package.json`. Make sure to remove the `app.dependencies` field from `foo/main.wasp`. + + For example, if `foo_old/main.wasp` had: + + ```css + app Foo { + // ... + dependencies: [ ('redux', '^4.0.5'), ('reacjt-redux', '^7.1.3')]; + } + ``` + + Your `package.json` in `foo` should now list these dependencies (Wasp already generated most of the file, you just have to list additional dependencies). + + ```json + { + "name": "foo", + "dependencies": { + "wasp": "file:.wasp/out/sdk/wasp", + "react": "^18.2.0", + // highlight-next-line + "redux": "^4.0.5", + // highlight-next-line + "reactjs-redux": "^7.1.3" + }, + "devDependencies": { + "typescript": "^5.1.0", + "vite": "^4.3.9", + "@types/react": "^18.0.37", + "prisma": "4.16.2" + } + } + ``` + +12. Copy all lines you might have added to `foo_old/.gitignore` into + `foo/.gitignore` +13. Copy the rest of the top-level files and folders (all of them except for `.gitignore`, `main.wasp` and `src/`) + in `foo_old/` into `foo/` (overwrite the existing files in `foo`). +14. Run `wasp clean` in `foo`. +15. Delete the `foo_old` directory. + +
    +
    + +That's it! You now have a properly structured Wasp 0.12.0 project in the `foo` directory. +Your app probably doesn't quite work yet due to some other changes in Wasp 0.12.0, but we'll get to that in the next sections. + +### Migrating declaration names +Wasp 0.12.0 adds a casing constraints when naming Queries, Actions, Jobs, and Entities in the `main.wasp` file. + +The following casing conventions have now become mandatory: +- Operation (i.e., Query and Action) names must begin with a lowercase letter: `query getTasks {...}`, `action createTask {...}`. +- Job names must begin with a lowercase letter: `job sendReport {...}`. +- Entity names must start with an uppercase letter: `entity Task {...}`. + +### Migrating the Tailwind Setup + +:::note +If you don't use Tailwind in your project, you can skip this section. +::: + +There is a small change in how the `tailwind.config.cjs` needs to be defined in Wasp 0.12.0. + +You'll need to wrap all your paths in the `content` field with the `resolveProjectPath` function. This makes sure that the paths are resolved correctly when generating your CSS. + +Here's how you can do it: + + + + +```js title="tailwind.config.cjs" +/** @type {import('tailwindcss').Config} */ +module.exports = { + content: [ + // highlight-next-line + './src/**/*.{js,jsx,ts,tsx}', + ], + theme: { + extend: {}, + }, + plugins: [], +} +``` + + + + +```js title="tailwind.config.cjs" +// highlight-next-line +const { resolveProjectPath } = require('wasp/dev') + +/** @type {import('tailwindcss').Config} */ +module.exports = { + content: [ + // highlight-next-line + resolveProjectPath('./src/**/*.{js,jsx,ts,tsx}'), + ], + theme: { + extend: {}, + }, + plugins: [], +} +``` + + + +### Default Server Dockerfile Changed +:::note +If you didn't customize your Dockerfile or had a custom build process for the Wasp server, you can skip this section. +::: + +Between Wasp 0.11.X and 0.12.X, the Dockerfile that Wasp generates for you for deploying the server has changed. If you defined a custom Dockerfile in your project root dir or in any other way relied on its contents, you'll need to update it to incorporate the changes that Wasp 0.12.X made. + +We suggest that you temporarily move your custom Dockerfile to a different location, then run `wasp start` to generate the new Dockerfile. +Check out the `.wasp/out/Dockerfile` to see the new Dockerfile and what changes you need to make. You'll probably need to copy some of the changes from the new Dockerfile to your custom one to make your app work with Wasp 0.12.X. + +### Migrating to the New Auth +As shown in [the previous section](#new-auth), Wasp significantly changed how authentication works in version 0.12.0. +This section leads you through migrating your app from Wasp 0.11.X to Wasp 0.12.X. + +Migrating your existing app to the new auth system is a two-step process: + +1. Migrate to the new auth system +1. Clean up the old auth system + +:::info Migrating a deployed app + +While going through these steps, we will focus first on doing the changes locally (including your local development database). + +Once we confirm everything works well locally, we will apply the same changes to the deployed app (including your production database). + +**We'll put extra info for migrating a deployed app in a box like this one.** +::: + +#### 1. Migrate to the New Auth System + +You can follow these steps to migrate to the new auth system (assuming you already migrated the project structure to 0.12, as described [above](#migrating-your-project-to-the-new-structure)): + +1. **Migrate `getUserFields` and/or `additionalSignupFields` in the `main.wasp` file to the new `userSignupFields` field.** + + If you are not using them, you can skip this step. + + In Wasp 0.11.X, you could define a `getUserFieldsFn` to specify extra fields that would get saved to the `User` when using Google or GitHub to sign up. + + You could also define `additionalSignupFields` to specify extra fields for the Email or Username & Password signup. + + In 0.12.X, we unified these two concepts into the `userSignupFields` field. + +
    + Migration for and + + First, move the value of `auth.signup.additionalFields` to `auth.methods.{method}.userSignupFields` in the `main.wasp` file. + + `{method}` depends on the auth method you are using. For example, if you are using the email auth method, you should move the `auth.signup.additionalFields` to `auth.methods.email.userSignupFields`. + + To finish, update the JS/TS implementation to use the `defineUserSignupFields` from `wasp/server/auth` instead of `defineAdditionalSignupFields` from `@wasp/auth/index.js`. + + + + + ```wasp title="main.wasp" + app crudTesting { + // ... + auth: { + userEntity: User, + methods: { + email: {}, + }, + onAuthFailedRedirectTo: "/login", + // highlight-start + signup: { + additionalFields: import { fields } from "@server/auth/signup.js", + }, + // highlight-end + }, + } + ``` + + ```ts title="src/server/auth/signup.ts" + // highlight-next-line + import { defineAdditionalSignupFields } from '@wasp/auth/index.js' + + // highlight-next-line + export const fields = defineAdditionalSignupFields({ + address: async (data) => { + const address = data.address + if (typeof address !== 'string') { + throw new Error('Address is required') + } + if (address.length < 5) { + throw new Error('Address must be at least 5 characters long') + } + return address + }, + }) + ``` + + + + + + ```wasp title="main.wasp" + app crudTesting { + // ... + auth: { + userEntity: User, + methods: { + email: { + // highlight-next-line + userSignupFields: import { fields } from "@src/server/auth/signup.js", + }, + }, + onAuthFailedRedirectTo: "/login", + }, + } + ``` + + ```ts title="src/server/auth/signup.ts" + // highlight-next-line + import { defineUserSignupFields } from 'wasp/server/auth' + + // highlight-next-line + export const fields = defineUserSignupFields({ + address: async (data) => { + const address = data.address; + if (typeof address !== 'string') { + throw new Error('Address is required'); + } + if (address.length < 5) { + throw new Error('Address must be at least 5 characters long'); + } + return address; + }, + }) + ``` + + Read more about the `userSignupFields` function [here](/auth/overview.md#1-defining-extra-fields). + + + + +
    + +
    + Migration for and + + First, move the value of `auth.methods.{method}.getUserFieldsFn` to `auth.methods.{method}.userSignupFields` in the `main.wasp` file. + + `{method}` depends on the auth method you are using. For example, if you are using Google auth, you should move the `auth.methods.google.getUserFieldsFn` to `auth.methods.google.userSignupFields`. + + To finish, update the JS/TS implementation to use the `defineUserSignupFields` from `wasp/server/auth` and modify the code to return the fields in the format that `defineUserSignupFields` expects. + + + + + ```wasp title="main.wasp" + app crudTesting { + // ... + auth: { + userEntity: User, + methods: { + google: { + // highlight-next-line + getUserFieldsFn: import { getUserFields } from "@server/auth/google.js" + }, + }, + onAuthFailedRedirectTo: "/login", + }, + } + ``` + + ```ts title="src/server/auth/google.ts" + // highlight-next-line + import type { GetUserFieldsFn } from '@wasp/types' + + // highlight-start + export const getUserFields: GetUserFieldsFn = async (_context, args) => { + const displayName = args.profile.displayName + return { displayName } + } + // highlight-end + ``` + + + + + + ```wasp title="main.wasp" + app crudTesting { + // ... + auth: { + userEntity: User, + methods: { + google: { + // highlight-next-line + userSignupFields: import { fields } from "@src/server/auth/google.js", + }, + }, + onAuthFailedRedirectTo: "/login", + }, + } + ``` + + ```ts title="src/server/auth/signup.ts" + // highlight-next-line + import { defineUserSignupFields } from 'wasp/server/auth' + + // highlight-start + export const fields = defineUserSignupFields({ + displayName: async (data) => { + const profile: any = data.profile; + if (!profile?.displayName) { throw new Error('Display name is not available'); } + return profile.displayName; + }, + }) + // highlight-end + ``` + + If you want to properly type the `profile` object, we recommend you use a validation library like Zod to define the shape of the `profile` object. + + Read more about this and the `defineUserSignupFields` function in the [Auth Overview - Defining Extra Fields](./auth/overview.md#1-defining-extra-fields) section. + + + + +
    + +1. **Remove the `auth.methods.email.allowUnverifiedLogin` field** from your `main.wasp` file. + + In Wasp 0.12.X we removed the `auth.methods.email.allowUnverifiedLogin` field to make our Email auth implementation easier to reason about. If you were using it, you should remove it from your `main.wasp` file. + +1. Ensure your **local development database is running**. +1. **Do the schema migration** (create the new auth tables in the database) by running: + ```bash + wasp db migrate-dev + ``` +You should see the new `Auth`, `AuthIdentity` and `Session` tables in your database. You can use the `wasp db studio` command to open the database in a GUI and verify the tables are there. At the moment, they will be empty. +1. **Do the data migration** (move existing users from the old auth system to the new one by filling the new auth tables in the database with their data): + + 1. **Implement your data migration function(s)** in e.g. `src/migrateToNewAuth.ts`. + + Below we prepared [examples of migration functions](#example-data-migration-functions) for each of the auth methods, for you to use as a starting point. + They should be fine to use as-is, meaning you can just copy them and they are likely to work out of the box for typical use cases, but you can also modify them for your needs. + + We recommend you create one function per each auth method that you use in your app. + + 1. **Define custom API endpoints for each migration function** you implemented. + + With each data migration function below, we provided a relevant `api` declaration that you should add to your `main.wasp` file. + + 1. **Run the data migration function(s)** on the local development database by calling the API endpoints you defined in the previous step. + + You can call the endpoint by visiting the URL in your browser, or by using a tool like `curl` or Postman. + + For example, if you defined the API endpoint at `/migrate-username-and-password`, you can call it by visiting `http://localhost:3001/migrate-username-and-password` in your browser. + + This should be it, you can now run `wasp db studio` again and verify that there is now relevant data in the new auth tables (`Auth` and `AuthIdentity`; `Session` should still be empty for now). + +1. **Verify that the basic auth functionality works** by running `wasp start` and successfully signing up / logging in with each of the auth methods. +1. **Update your JS/TS code** to work correctly with the new auth. + + You might want to use the new auth helper functions to get the `email` or `username` from a user object. For example, `user.username` might not work anymore for you, since the `username` obtained by the Username & Password auth method isn't stored on the `User` entity anymore (unless you are explicitly storing something into `user.username`, e.g. via `userSignupFields` for a social auth method like Github). Same goes for `email` from Email auth method. + + Instead, you can now use `getUsername(user)` to get the username obtained from Username & Password auth method, or `getEmail(user)` to get the email obtained from Email auth method. + + Read more about the helpers in the [Auth Entities - Accessing the Auth Fields](auth/entities#accessing-the-auth-fields) section. +1. Finally, **check that your app now fully works as it worked before**. If all the above steps were done correctly, everything should be working now. + + :::info Migrating a deployed app + + After successfully performing migration locally so far, and verifying that your app works as expected, it is time to also migrate our deployed app. + + Before migrating your production (deployed) app, we advise you to back up your production database in case something goes wrong. Also, besides testing it in development, it's good to test the migration in a staging environment if you have one. + + We will perform the production migration in 2 steps: + - Deploying the new code to production (client and server). + - Migrating the production database data. + + --- + + Between these two steps, so after successfully deploying the new code to production and before migrating the production database data, your app will not be working completely: new users will be able to sign up, but existing users won't be able to log in, and already logged in users will be logged out. Once you do the second step, migrating the production database data, it will all be back to normal. You will likely want to keep the time between the two steps as short as you can. + + --- + + - **First step: deploy the new code** (client and server), either via `wasp deploy` (i.e. `wasp deploy fly deploy`) or manually. + + Check our [Deployment docs](advanced/deployment/overview.md) for more details. + + - **Second step: run the data migration functions** on the production database. + + You can do this by calling the API endpoints you defined in the previous step, just like you did locally. You can call the endpoint by visiting the URL in your browser, or by using a tool like `curl` or Postman. + + For example, if you defined the API endpoint at `/migrate-username-and-password`, you can call it by visiting `https://your-server-url.com/migrate-username-and-password` in your browser. + + Your deployed app should be working normally now, with the new auth system. + ::: + + +#### 2. Cleanup the Old Auth System + +Your app should be working correctly and using new auth, but to finish the migration, we need to clean up the old auth system: + +1. In `main.wasp` file, **delete auth-related fields from the `User` entity**, since with 0.12 they got moved to the internal Wasp entity `AuthIdentity`. + + - This means any fields that were required by Wasp for authentication, like `email`, `password`, `isEmailVerified`, `emailVerificationSentAt`, `passwordResetSentAt`, `username`, etc. + - There are situations in which you might want to keep some of them, e.g. `email` and/or `username`, if they are still relevant for you due to your custom logic (e.g. you are populating them with `userSignupFields` upon social signup in order to have this info easily available on the `User` entity). Note that they won't be used by Wasp Auth anymore, they are here just for your business logic. + +1. In `main.wasp` file, **remove the `externalAuthEntity` field from the `app.auth`** and also **remove the whole `SocialLogin` entity** if you used Google or GitHub auth. +1. **Delete the data migration function(s)** you implemented earlier (e.g. in `src/migrateToNewAuth.ts`) and also the corresponding API endpoints from the `main.wasp` file. +1. **Run `wasp db migrate-dev`** again to apply these changes and remove the redundant fields from the database. + +:::info Migrating a deployed app + + After doing the steps above successfully locally and making sure everything is working, it is time to push these changes to the deployed app again. + + _Deploy the app again_, either via `wasp deploy` or manually. Check our [Deployment docs](advanced/deployment/overview.md) for more details. + + The database migrations will automatically run on successful deployment of the server and delete the now redundant auth-related `User` columns from the database. + + Your app is now fully migrated to the new auth system. + +::: + +### Next Steps + +If you made it this far, you've completed all the necessary steps to get your +Wasp app working with Wasp 0.12.x. Nice work! + +Finally, since Wasp no longer requires you to separate your client source files +(previously in `src/client`) from server source files (previously in +`src/server`), you are now free to reorganize your project however you think is best, +as long as you keep all the source files in the `src/` directory. + +This section is optional, but if you didn't like the server/client +separation, now's the perfect time to change it. + +For example, if your `src` dir looked like this: + +``` +src +β”‚ +β”œβ”€β”€ client +β”‚Β Β  β”œβ”€β”€ Dashboard.tsx +β”‚Β Β  β”œβ”€β”€ Login.tsx +β”‚Β Β  β”œβ”€β”€ MainPage.tsx +β”‚Β Β  β”œβ”€β”€ Register.tsx +β”‚Β Β  β”œβ”€β”€ Task.css +β”‚Β Β  β”œβ”€β”€ TaskLisk.tsx +β”‚Β Β  β”œβ”€β”€ Task.tsx +β”‚Β Β  └── User.tsx +β”œβ”€β”€ server +β”‚Β Β  β”œβ”€β”€ taskActions.ts +β”‚Β Β  β”œβ”€β”€ taskQueries.ts +β”‚Β Β  β”œβ”€β”€ userActions.ts +β”‚Β Β  └── userQueries.ts +└── shared + └── utils.ts +``` + +you can now change it to a feature-based structure (which we recommend for any project that is not very small): + +``` +src +β”‚ +β”œβ”€β”€ task +β”‚Β Β  β”œβ”€β”€ actions.ts -- former taskActions.ts +β”‚Β Β  β”œβ”€β”€ queries.ts -- former taskQueries.ts +β”‚Β Β  β”œβ”€β”€ Task.css +β”‚Β Β  β”œβ”€β”€ TaskLisk.tsx +β”‚Β Β  └── Task.tsx +β”œβ”€β”€ user +β”‚Β Β  β”œβ”€β”€ actions.ts -- former userActions.ts +β”‚Β Β  β”œβ”€β”€ Dashboard.tsx +β”‚Β Β  β”œβ”€β”€ Login.tsx +β”‚Β Β  β”œβ”€β”€ queries.ts -- former userQueries.ts +β”‚Β Β  β”œβ”€β”€ Register.tsx +β”‚Β Β  └── User.tsx +β”œβ”€β”€ MainPage.tsx +└── utils.ts +``` + + +## Appendix + +### Example Data Migration Functions + +The migration functions provided below are written with the typical use cases in mind and you can use them as-is. If your setup requires additional logic, you can use them as a good starting point and modify them to your needs. + +Note that all of the functions below are written to be idempotent, meaning that running a function multiple times can't hurt. This allows executing a function again in case only a part of the previous execution succeeded and also means that accidentally running it one time too much won't have any negative effects. **We recommend you keep your data migration functions idempotent**. + +#### Username & Password + +To successfully migrate the users using the Username & Password auth method, you will need to do two things: +1. Migrate the user data + +
    + Username & Password data migration function + + ```wasp title="main.wasp" + api migrateUsernameAndPassword { + httpRoute: (GET, "/migrate-username-and-password"), + fn: import { migrateUsernameAndPasswordHandler } from "@src/migrateToNewAuth", + entities: [] + } + ``` + + ```ts title="src/migrateToNewAuth.ts" + import { prisma } from "wasp/server"; + import { type ProviderName, type UsernameProviderData } from "wasp/server/auth"; + import { MigrateUsernameAndPassword } from "wasp/server/api"; + + export const migrateUsernameAndPasswordHandler: MigrateUsernameAndPassword = + async (_req, res) => { + const result = await migrateUsernameAuth(); + + res.status(200).json({ message: "Migrated users to the new auth", result }); + }; + + async function migrateUsernameAuth(): Promise<{ + numUsersAlreadyMigrated: number; + numUsersNotUsingThisAuthMethod: number; + numUsersMigratedSuccessfully: number; + }> { + const users = await prisma.user.findMany({ + include: { + auth: true, + }, + }); + + const result = { + numUsersAlreadyMigrated: 0, + numUsersNotUsingThisAuthMethod: 0, + numUsersMigratedSuccessfully: 0, + }; + + for (const user of users) { + if (user.auth) { + result.numUsersAlreadyMigrated++; + console.log("Skipping user (already migrated) with id:", user.id); + continue; + } + + if (!user.username || !user.password) { + result.numUsersNotUsingThisAuthMethod++; + console.log("Skipping user (not using username auth) with id:", user.id); + continue; + } + + const providerData: UsernameProviderData = { + hashedPassword: user.password, + }; + const providerName: ProviderName = "username"; + + await prisma.auth.create({ + data: { + identities: { + create: { + providerName, + providerUserId: user.username.toLowerCase(), + providerData: JSON.stringify(providerData), + }, + }, + user: { + connect: { + id: user.id, + }, + }, + }, + }); + result.numUsersMigratedSuccessfully++; + } + + return result; + } + ``` + +
    + +2. Provide a way for users to migrate their password + + There is a **breaking change between the old and the new auth in the way the password is hashed**. This means that users will need to migrate their password after the migration, as the old password will no longer work. + + Since the only way users using username and password as a login method can verify their identity is by providing both their username and password (there is no email or any other info, unless you asked for it and stored it explicitly), we need to provide them a way to **exchange their old password for a new password**. One way to handle this is to inform them about the need to migrate their password (on the login page) and provide a custom page to migrate the password. + +
    + + Steps to create a custom page for migrating the password + + + 1. You will need to install the `secure-password` and `sodium-native` packages to use the old hashing algorithm: + + ```bash + npm install secure-password@4.0.0 sodium-native@3.3.0 --save-exact + ``` + + Make sure to save the exact versions of the packages. + + 2. Then you'll need to create a new page in your app where users can migrate their password. You can use the following code as a starting point: + + + + +```wasp title="main.wasp" +route MigratePasswordRoute { path: "/migrate-password", to: MigratePassword } +page MigratePassword { + component: import { MigratePasswordPage } from "@src/pages/MigratePassword" +} +``` + +```jsx title="src/pages/MigratePassword.jsx" +import { + FormItemGroup, + FormLabel, + FormInput, + FormError, +} from "wasp/client/auth"; +import { useForm } from "react-hook-form"; +import { migratePassword } from "wasp/client/operations"; +import { useState } from "react"; + +export function MigratePasswordPage() { + const [successMessage, setSuccessMessage] = useState(null); + const [errorMessage, setErrorMessage] = useState(null); + const form = useForm(); + + const onSubmit = form.handleSubmit(async (data) => { + try { + const result = await migratePassword(data); + setSuccessMessage(result.message); + } catch (e) { + console.error(e); + if (e instanceof Error) { + setErrorMessage(e.message); + } + } + }); + + return ( +
    +

    Migrate your password

    +

    + If you have an account on the old version of the website, you can + migrate your password to the new version. +

    + {successMessage &&
    {successMessage}
    } + {errorMessage && {errorMessage}} +
    + + Username + + {form.formState.errors.username?.message} + + + Password + + {form.formState.errors.password?.message} + + +
    +
    + ); +} +``` + +     + + +```wasp title="main.wasp" +route MigratePasswordRoute { path: "/migrate-password", to: MigratePassword } +page MigratePassword { + component: import { MigratePasswordPage } from "@src/pages/MigratePassword" +} +``` + +```tsx title="src/pages/MigratePassword.tsx" +import { + FormItemGroup, + FormLabel, + FormInput, + FormError, +} from "wasp/client/auth"; +import { useForm } from "react-hook-form"; +import { migratePassword } from "wasp/client/operations"; +import { useState } from "react"; + +export function MigratePasswordPage() { + const [successMessage, setSuccessMessage] = useState(null); + const [errorMessage, setErrorMessage] = useState(null); + const form = useForm<{ + username: string; + password: string; + }>(); + + const onSubmit = form.handleSubmit(async (data) => { + try { + const result = await migratePassword(data); + setSuccessMessage(result.message); + } catch (e: unknown) { + console.error(e); + if (e instanceof Error) { + setErrorMessage(e.message); + } + } + }); + + return ( +
    +

    Migrate your password

    +

    + If you have an account on the old version of the website, you can + migrate your password to the new version. +

    + {successMessage &&
    {successMessage}
    } + {errorMessage && {errorMessage}} +
    + + Username + + {form.formState.errors.username?.message} + + + Password + + {form.formState.errors.password?.message} + + +
    +
    + ); +} +``` + +     +     + + 3. Finally, you will need to create a new operation in your app to handle the password migration. You can use the following code as a starting point: + + + + + +```wasp title="main.wasp" +action migratePassword { + fn: import { migratePassword } from "@src/auth", + entities: [] +} +``` + +```js title="src/auth.js" +import SecurePassword from "secure-password"; +import { HttpError } from "wasp/server"; +import { + createProviderId, + deserializeAndSanitizeProviderData, + findAuthIdentity, + updateAuthIdentityProviderData, +} from "wasp/server/auth"; + +export const migratePassword = async ({ password, username }, _context) => { + const providerId = createProviderId("username", username); + const authIdentity = await findAuthIdentity(providerId); + + if (!authIdentity) { + throw new HttpError(400, "Something went wrong"); + } + + const providerData = deserializeAndSanitizeProviderData( + authIdentity.providerData + ); + + try { + const SP = new SecurePassword(); + + // This will verify the password using the old algorithm + const result = await SP.verify( + Buffer.from(password), + Buffer.from(providerData.hashedPassword, "base64") + ); + + if (result !== SecurePassword.VALID) { + throw new HttpError(400, "Something went wrong"); + } + + // This will hash the password using the new algorithm and update the + // provider data in the database. + await updateAuthIdentityProviderData(providerId, providerData, { + hashedPassword: password, + }); + } catch (e) { + throw new HttpError(400, "Something went wrong"); + } + + return { + message: "Password migrated successfully.", + }; +}; +``` + + + + +```wasp title="main.wasp" +action migratePassword { + fn: import { migratePassword } from "@src/auth", + entities: [] +} +``` + +```ts title="src/auth.ts" +import SecurePassword from "secure-password"; +import { HttpError } from "wasp/server"; +import { + createProviderId, + deserializeAndSanitizeProviderData, + findAuthIdentity, + updateAuthIdentityProviderData, +} from "wasp/server/auth"; +import { MigratePassword } from "wasp/server/operations"; + +type MigratePasswordInput = { + username: string; + password: string; +}; +type MigratePasswordOutput = { + message: string; +}; + +export const migratePassword: MigratePassword< + MigratePasswordInput, + MigratePasswordOutput +> = async ({ password, username }, _context) => { + const providerId = createProviderId("username", username); + const authIdentity = await findAuthIdentity(providerId); + + if (!authIdentity) { + throw new HttpError(400, "Something went wrong"); + } + + const providerData = deserializeAndSanitizeProviderData<"username">( + authIdentity.providerData + ); + + try { + const SP = new SecurePassword(); + + // This will verify the password using the old algorithm + const result = await SP.verify( + Buffer.from(password), + Buffer.from(providerData.hashedPassword, "base64") + ); + + if (result !== SecurePassword.VALID) { + throw new HttpError(400, "Something went wrong"); + } + + // This will hash the password using the new algorithm and update the + // provider data in the database. + await updateAuthIdentityProviderData<"username">(providerId, providerData, { + hashedPassword: password, + }); + } catch (e) { + throw new HttpError(400, "Something went wrong"); + } + + return { + message: "Password migrated successfully.", + }; +}; +``` + + + + +
    + + +#### Email + +To successfully migrate the users using the Email auth method, you will need to do two things: +1. Migrate the user data + +
    + Email data migration function + + ```wasp title="main.wasp" + api migrateEmail { + httpRoute: (GET, "/migrate-email"), + fn: import { migrateEmailHandler } from "@src/migrateToNewAuth", + entities: [] + } + ``` + + ```ts title="src/migrateToNewAuth.ts" + import { prisma } from "wasp/server"; + import { type ProviderName, type EmailProviderData } from "wasp/server/auth"; + import { MigrateEmail } from "wasp/server/api"; + + export const migrateEmailHandler: MigrateEmail = + async (_req, res) => { + const result = await migrateEmailAuth(); + + res.status(200).json({ message: "Migrated users to the new auth", result }); + }; + + async function migrateEmailAuth(): Promise<{ + numUsersAlreadyMigrated: number; + numUsersNotUsingThisAuthMethod: number; + numUsersMigratedSuccessfully: number; + }> { + const users = await prisma.user.findMany({ + include: { + auth: true, + }, + }); + + const result = { + numUsersAlreadyMigrated: 0, + numUsersNotUsingThisAuthMethod: 0, + numUsersMigratedSuccessfully: 0, + }; + + for (const user of users) { + if (user.auth) { + result.numUsersAlreadyMigrated++; + console.log("Skipping user (already migrated) with id:", user.id); + continue; + } + + if (!user.email || !user.password) { + result.numUsersNotUsingThisAuthMethod++; + console.log("Skipping user (not using email auth) with id:", user.id); + continue; + } + + const providerData: EmailProviderData = { + isEmailVerified: user.isEmailVerified, + emailVerificationSentAt: + user.emailVerificationSentAt?.toISOString() ?? null, + passwordResetSentAt: user.passwordResetSentAt?.toISOString() ?? null, + hashedPassword: user.password, + }; + const providerName: ProviderName = "email"; + + await prisma.auth.create({ + data: { + identities: { + create: { + providerName, + providerUserId: user.email, + providerData: JSON.stringify(providerData), + }, + }, + user: { + connect: { + id: user.id, + }, + }, + }, + }); + result.numUsersMigratedSuccessfully++; + } + + return result; + } + ``` + +
    + +2. Ask the users to reset their password + + There is a **breaking change between the old and the new auth in the way the password is hashed**. This means that users will need to reset their password after the migration, as the old password will no longer work. + + It would be best to notify your users about this change and put a notice on your login page to **request a password reset**. + +#### Google & GitHub + +
    +Google & GitHub data migration functions + +```wasp title="main.wasp" +api migrateGoogle { + httpRoute: (GET, "/migrate-google"), + fn: import { migrateGoogleHandler } from "@src/migrateToNewAuth", + entities: [] +} + +api migrateGithub { + httpRoute: (GET, "/migrate-github"), + fn: import { migrateGithubHandler } from "@src/migrateToNewAuth", + entities: [] +} +``` + +```ts title="src/migrateToNewAuth.ts" +import { prisma } from "wasp/server"; +import { MigrateGoogle, MigrateGithub } from "wasp/server/api"; + +export const migrateGoogleHandler: MigrateGoogle = + async (_req, res) => { + const result = await createSocialLoginMigration("google"); + + res.status(200).json({ message: "Migrated users to the new auth", result }); + }; + +export const migrateGithubHandler: MigrateGithub = + async (_req, res) => { + const result = await createSocialLoginMigration("github"); + + res.status(200).json({ message: "Migrated users to the new auth", result }); + }; + +async function createSocialLoginMigration( + providerName: "google" | "github" +): Promise<{ + numUsersAlreadyMigrated: number; + numUsersNotUsingThisAuthMethod: number; + numUsersMigratedSuccessfully: number; +}> { + const users = await prisma.user.findMany({ + include: { + auth: true, + externalAuthAssociations: true, + }, + }); + + const result = { + numUsersAlreadyMigrated: 0, + numUsersNotUsingThisAuthMethod: 0, + numUsersMigratedSuccessfully: 0, + }; + + for (const user of users) { + if (user.auth) { + result.numUsersAlreadyMigrated++; + console.log("Skipping user (already migrated) with id:", user.id); + continue; + } + + const provider = user.externalAuthAssociations.find( + (provider) => provider.provider === providerName + ); + + if (!provider) { + result.numUsersNotUsingThisAuthMethod++; + console.log(`Skipping user (not using ${providerName} auth) with id:`, user.id); + continue; + } + + await prisma.auth.create({ + data: { + identities: { + create: { + providerName, + providerUserId: provider.providerId, + providerData: JSON.stringify({}), + }, + }, + user: { + connect: { + id: user.id, + }, + }, + }, + }); + result.numUsersMigratedSuccessfully++; + } + + return result; +} +``` + +
    diff --git a/web/versioned_docs/version-0.13.11/migrate-from-0-12-to-0-13.md b/web/versioned_docs/version-0.13.11/migrate-from-0-12-to-0-13.md new file mode 100644 index 0000000000..fb7e5d8270 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/migrate-from-0-12-to-0-13.md @@ -0,0 +1,134 @@ +--- +title: Migration from 0.12.X to 0.13.X +--- + +:::note Are you on 0.11.X or earlier? + +This guide only covers the migration from **0.12.X to 0.13.X**. If you are migrating from 0.11.X or earlier, please read the [migration guide from 0.11.X to 0.12.X](./migrate-from-0-11-to-0-12.md) first. + +::: + +## What's new in 0.13.0? + +### OAuth providers got an overhaul + +Wasp 0.13.0 switches away from using Passport for our OAuth providers in favor of [Arctic](https://arctic.js.org/) from the [Lucia](https://lucia-auth.com/) ecosystem. This change simplifies the codebase and makes it easier to add new OAuth providers in the future. + +### We added Keycloak as an OAuth provider + +Wasp now supports using [Keycloak](https://www.keycloak.org/) as an OAuth provider. + +## How to migrate? + +### Migrate your OAuth setup + +We had to make some breaking changes to upgrade the OAuth setup to the new Arctic lib. + +Follow the steps below to migrate: + +1. **Define the `WASP_SERVER_URL` server env variable** + + In 0.13.0 Wasp introduces a new server env variable `WASP_SERVER_URL` that you need to define. This is the URL of your Wasp server and it's used to generate the redirect URL for the OAuth providers. + + ```bash title="Server env variables" + WASP_SERVER_URL=https://your-wasp-server-url.com + ``` + + In development, Wasp sets the `WASP_SERVER_URL` to `http://localhost:3001` by default. + + :::info Migrating a deployed app + + If you are migrating a deployed app, you will need to define the `WASP_SERVER_URL` server env variable in your deployment environment. + + Read more about setting env variables in production [here](./project/env-vars#defining-env-vars-in-production). + ::: + +2. **Update the redirect URLs** for the OAuth providers + + The redirect URL for the OAuth providers has changed. You will need to update the redirect URL for the OAuth providers in the provider's dashboard. + + + + + ``` + {clientUrl}/auth/login/{provider} + ``` + + + + ``` + {serverUrl}/auth/{provider}/callback + ``` + + + + Check the new redirect URLs for [Google](./auth/social-auth/google.md#3-creating-a-google-oauth-app) and [GitHub](./auth/social-auth/github.md#3-creating-a-github-oauth-app) in Wasp's docs. + +3. **Update the `configFn`** for the OAuth providers + + If you didn't use the `configFn` option, you can skip this step. + + If you used the `configFn` to configure the `scope` for the OAuth providers, you will need to rename the `scope` property to `scopes`. + + Also, the object returned from `configFn` no longer needs to include the Client ID and the Client Secret. You can remove them from the object that `configFn` returns. + + + + + ```ts title="google.ts" + export function getConfig() { + return { + clientID: process.env.GOOGLE_CLIENT_ID, + clientSecret: process.env.GOOGLE_CLIENT_SECRET, + scope: ['profile', 'email'], + } + } + ``` + + + + + ```ts title="google.ts" + export function getConfig() { + return { + scopes: ['profile', 'email'], + } + } + ``` + + + +4. **Update the `userSignupFields` fields** to use the new `profile` format + + If you didn't use the `userSignupFields` option, you can skip this step. + + The data format for the `profile` that you receive from the OAuth providers has changed. You will need to update your code to reflect this change. + + + + + ```ts title="google.ts" + import { defineUserSignupFields } from 'wasp/server/auth' + + export const userSignupFields = defineUserSignupFields({ + displayName: (data: any) => data.profile.displayName, + }) + ``` + + + + ```ts title="google.ts" + import { defineUserSignupFields } from 'wasp/server/auth' + + export const userSignupFields = defineUserSignupFields({ + displayName: (data: any) => data.profile.name, + }) + ``` + + + + Wasp now directly forwards what it receives from the OAuth providers. You can check the data format for [Google](./auth/social-auth/google.md#data-received-from-google) and [GitHub](./auth/social-auth/github.md#data-received-from-github) in Wasp's docs. + +That's it! + +You should now be able to run your app with the new Wasp 0.13.0. \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/project/_baseDirEnvNote.md b/web/versioned_docs/version-0.13.11/project/_baseDirEnvNote.md new file mode 100644 index 0000000000..472263cc6a --- /dev/null +++ b/web/versioned_docs/version-0.13.11/project/_baseDirEnvNote.md @@ -0,0 +1,6 @@ +:::caution Setting the correct env variable + +If you set the `baseDir` option, make sure that the `WASP_WEB_CLIENT_URL` env variable also includes that base directory. + +For example, if you are serving your app from `https://example.com/my-app`, the `WASP_WEB_CLIENT_URL` should be also set to `https://example.com/my-app`, and not just `https://example.com`. +::: \ No newline at end of file diff --git a/web/versioned_docs/version-0.13.11/project/client-config.md b/web/versioned_docs/version-0.13.11/project/client-config.md new file mode 100644 index 0000000000..abb5272e3a --- /dev/null +++ b/web/versioned_docs/version-0.13.11/project/client-config.md @@ -0,0 +1,449 @@ +--- +title: Client Config +--- + +import BaseDirEnvNote from './_baseDirEnvNote.md' + +import { ShowForTs, ShowForJs } from '@site/src/components/TsJsHelpers' + +You can configure the client using the `client` field inside the `app` declaration: + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + rootComponent: import Root from "@src/Root.jsx", + setupFn: import mySetupFunction from "@src/myClientSetupCode.js" + } +} +``` + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + rootComponent: import Root from "@src/Root.tsx", + setupFn: import mySetupFunction from "@src/myClientSetupCode.ts" + } +} +``` + + + + +## Root Component + +Wasp gives you the option to define a "wrapper" component for your React app. + +It can be used for a variety of purposes, but the most common ones are: + +- Defining a common layout for your application. +- Setting up various providers that your application needs. + +### Defining a Common Layout + +Let's define a common layout for your application: + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + rootComponent: import Root from "@src/Root.jsx", + } +} +``` + +```jsx title="src/Root.jsx" +export default function Root({ children }) { + return ( +
    +
    +

    My App

    +
    + {children} +
    +

    My App footer

    +
    +
    + ) +} +``` + +     + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + rootComponent: import Root from "@src/Root.tsx", + } +} +``` + +```tsx title="src/Root.tsx" +export default function Root({ children }: { children: React.ReactNode }) { + return ( +
    +
    +

    My App

    +
    + {children} +
    +

    My App footer

    +
    +
    + ) +} +``` + +     +     + +### Setting up a Provider + +This is how to set up various providers that your application needs: + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + rootComponent: import Root from "@src/Root.jsx", + } +} +``` + +```jsx title="src/Root.jsx" +import store from './store' +import { Provider } from 'react-redux' + +export default function Root({ children }) { + return {children} +} +``` + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + rootComponent: import Root from "@src/Root.tsx", + } +} +``` + +```tsx title="src/Root.tsx" +import store from './store' +import { Provider } from 'react-redux' + +export default function Root({ children }: { children: React.ReactNode }) { + return {children} +} +``` + + + + +As long as you render the children, you can do whatever you want in your root +component. + +Read more about the root component in the [API Reference](#rootcomponent-extimport). + +## Setup Function + +`setupFn` declares a TypescriptJavaScript function that Wasp executes on the client before everything else. + +### Running Some Code + +We can run any code we want in the setup function. + +For example, here's a setup function that logs a message every hour: + + + + +```js title="src/myClientSetupCode.js" +export default async function mySetupFunction() { + let count = 1 + setInterval( + () => console.log(`You have been online for ${count++} hours.`), + 1000 * 60 * 60 + ) +} +``` + + + + +```ts title="src/myClientSetupCode.ts" +export default async function mySetupFunction(): Promise { + let count = 1 + setInterval( + () => console.log(`You have been online for ${count++} hours.`), + 1000 * 60 * 60 + ) +} +``` + + + + +### Overriding Default Behaviour for Queries + +:::info +You can change the options for a **single** Query using the `options` object, as described [here](../data-model/operations/queries#the-usequery-hook-1). +::: + +Wasp's `useQuery` hook uses `react-query`'s `useQuery` hook under the hood. Since `react-query` comes configured with aggressive but sane default options, you most likely won't have to change those defaults for all Queries. + +If you do need to change the global defaults, you can do so inside the client setup function. + +Wasp exposes a `configureQueryClient` hook that lets you configure _react-query_'s `QueryClient` object: + + + + +```js title="src/myClientSetupCode.js" +import { configureQueryClient } from 'wasp/client/operations' + +export default async function mySetupFunction() { + // ... some setup + configureQueryClient({ + defaultOptions: { + queries: { + staleTime: Infinity, + }, + }, + }) + // ... some more setup +} +``` + + + + +```ts title="src/myClientSetupCode.ts" +import { configureQueryClient } from 'wasp/client/operations' + +export default async function mySetupFunction(): Promise { + // ... some setup + configureQueryClient({ + defaultOptions: { + queries: { + staleTime: Infinity, + }, + }, + }) + // ... some more setup +} +``` + + + + +Make sure to pass in an object expected by the `QueryClient`'s constructor, as +explained in +[react-query's docs](https://tanstack.com/query/v4/docs/react/reference/QueryClient). + +Read more about the setup function in the [API Reference](#setupfn-extimport). + +## Base Directory + +If you need to serve the client from a subdirectory, you can use the `baseDir` option: + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + baseDir: "/my-app", + } +} +``` + +This means that if you serve your app from `https://example.com/my-app`, the +router will work correctly, and all the assets will be served from +`https://example.com/my-app`. + + + +## API Reference + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + rootComponent: import Root from "@src/Root.jsx", + setupFn: import mySetupFunction from "@src/myClientSetupCode.js" + } +} +``` + + + + +```wasp title="main.wasp" +app MyApp { + title: "My app", + // ... + client: { + rootComponent: import Root from "@src/Root.tsx", + setupFn: import mySetupFunction from "@src/myClientSetupCode.ts", + baseDir: "/my-app", + } +} +``` + + + + +Client has the following options: + +- #### `rootComponent: ExtImport` + + `rootComponent` defines the root component of your client application. It is + expected to be a React component, and Wasp will use it to wrap your entire app. + It must render its children, which are the actual pages of your application. + + Here's an example of a root component that both sets up a provider and + renders a custom layout: + + + + + ```jsx title="src/Root.jsx" + import store from './store' + import { Provider } from 'react-redux' + + export default function Root({ children }) { + return ( + + {children} + + ) + } + + function Layout({ children }) { + return ( +
    +
    +

    My App

    +
    + {children} +
    +

    My App footer

    +
    +
    + ) + } + ``` + +     + + + ```tsx title="src/Root.tsx" + import store from './store' + import { Provider } from 'react-redux' + + export default function Root({ children }: { children: React.ReactNode }) { + return ( + + {children} + + ) + } + + function Layout({ children }: { children: React.ReactNode }) { + return ( +
    +
    +

    My App

    +
    + {children} +
    +

    My App footer

    +
    +
    + ) + } + ``` + +     +     + +- #### `setupFn: ExtImport` + + + + `setupFn` declares a Typescript function that Wasp executes on the client + before everything else. It is expected to be asynchronous, and + Wasp will await its completion before rendering the page. The function takes no + arguments, and its return value is ignored. + + + + + `setupFn` declares a JavaScript function that Wasp executes on the client + before everything else. It is expected to be asynchronous, and + Wasp will await its completion before rendering the page. The function takes no + arguments, and its return value is ignored. + + + You can use this function to perform any custom setup (e.g., setting up + client-side periodic jobs). + + + + + ```js title="src/myClientSetupCode.js" + export default async function mySetupFunction() { + // Run some code + } + ``` + + + + + ```ts title="src/myClientSetupCode.ts" + export default async function mySetupFunction(): Promise { + // Run some code + } + ``` + + + + +- #### `baseDir: String` + + If you need to serve the client from a subdirectory, you can use the `baseDir` option. + + If you set `baseDir` to `/my-app` for example, that will make Wasp set the `basename` prop of the `Router` to + `/my-app`. It will also set the `base` option of the Vite config to `/my-app`. + + This means that if you serve your app from `https://example.com/my-app`, the router will work correctly, and all the assets will be served from `https://example.com/my-app`. + + diff --git a/web/versioned_docs/version-0.13.11/project/css-frameworks.md b/web/versioned_docs/version-0.13.11/project/css-frameworks.md new file mode 100644 index 0000000000..48c150809d --- /dev/null +++ b/web/versioned_docs/version-0.13.11/project/css-frameworks.md @@ -0,0 +1,110 @@ +--- +title: CSS Frameworks +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +## Tailwind + +To enable support for Tailwind in your project, you need to add two config files β€” [`tailwind.config.cjs`](https://tailwindcss.com/docs/configuration#configuration-options) and `postcss.config.cjs` β€” to the root directory. + +With these files present, Wasp installs the necessary dependencies and copies your configuration to the generated project. You can then use [Tailwind CSS directives](https://tailwindcss.com/docs/functions-and-directives#directives) in your CSS and Tailwind classes on your React components. + +```bash title="tree ." +. +β”œβ”€β”€ main.wasp +β”œβ”€β”€ package.json +β”œβ”€β”€ src +β”‚Β Β  β”œβ”€β”€ Main.css +β”‚Β Β  β”œβ”€β”€ MainPage.jsx +β”‚Β Β  β”œβ”€β”€ vite-env.d.ts +β”‚Β Β  └── waspLogo.png +β”œβ”€β”€ public +β”œβ”€β”€ tsconfig.json +β”œβ”€β”€ vite.config.ts +# highlight-start +β”œβ”€β”€ postcss.config.cjs +└── tailwind.config.cjs +# highlight-end +``` + +:::tip Tailwind not working? +If you can not use Tailwind after adding the required config files, make sure to restart `wasp start`. This is sometimes needed to ensure that Wasp picks up the changes and enables Tailwind integration. +::: + +### Enabling Tailwind Step-by-Step + +:::caution +Make sure to use the `.cjs` extension for these config files, if you name them with a `.js` extension, Wasp will not detect them. +::: + +1. Add `./tailwind.config.cjs`. + + ```js title="./tailwind.config.cjs" + const { resolveProjectPath } = require('wasp/dev') + + /** @type {import('tailwindcss').Config} */ + module.exports = { + content: [resolveProjectPath('./src/**/*.{js,jsx,ts,tsx}')], + theme: { + extend: {}, + }, + plugins: [], + } + ``` + +2. Add `./postcss.config.cjs`. + + ```js title="./postcss.config.cjs" + module.exports = { + plugins: { + tailwindcss: {}, + autoprefixer: {}, + }, + } + ``` + +3. Import Tailwind into your CSS file. For example, in a new project you might import Tailwind into `Main.css`. + + ```css title="./src/Main.css" {1-3} + @tailwind base; + @tailwind components; + @tailwind utilities; + + /* ... */ + ``` + +4. Start using Tailwind πŸ₯³ + + ```jsx title="./src/MainPage.jsx" + // ... + +

    + Hello world! +

    + + // ... + ``` + +### Adding Tailwind Plugins + +To add Tailwind plugins, install them as npm development [dependencies](../project/dependencies) and add them to the plugins list in your `tailwind.config.cjs` file: + +```shell +npm install -D @tailwindcss/forms +npm install -D @tailwindcss/typography +``` + +and also + +```js title="./tailwind.config.cjs" {5-6} +/** @type {import('tailwindcss').Config} */ +module.exports = { + // ... + plugins: [ + require('@tailwindcss/forms'), + require('@tailwindcss/typography'), + ], + // ... +} +``` diff --git a/web/versioned_docs/version-0.13.11/project/custom-vite-config.md b/web/versioned_docs/version-0.13.11/project/custom-vite-config.md new file mode 100644 index 0000000000..8b61322ace --- /dev/null +++ b/web/versioned_docs/version-0.13.11/project/custom-vite-config.md @@ -0,0 +1,122 @@ +--- +title: Custom Vite Config +--- + +import { ShowForTs, ShowForJs } from '@site/src/components/TsJsHelpers' + +Wasp uses [Vite](https://vitejs.dev/) to serve the client during development and bundling it for production. If you want to customize the Vite config, you can do that by editing the `vite.config.{js,ts}` file in your project root directory. + +Wasp will use your config and **merge** it with the default Wasp's Vite config. + +Vite config customization can be useful for things like: + +- Adding custom Vite plugins. +- Customising the dev server. +- Customising the build process. + +Be careful with making changes to the Vite config, as it can break the Wasp's client build process. Check out the default Vite config [here](https://github.com/wasp-lang/wasp/blob/release/waspc/data/Generator/templates/react-app/vite.config.ts) to see what you can change. + +## Examples + +Below are some examples of how you can customize the Vite config. + +### Changing the Dev Server Behaviour + +If you want to stop Vite from opening the browser automatically when you run `wasp start`, you can do that by customizing the `open` option. + + + + +```js title="vite.config.js" +export default { + server: { + open: false, + }, +} +``` + + + + +```ts title="vite.config.ts" +import { defineConfig } from 'vite' + +export default defineConfig({ + server: { + open: false, + }, +}) +``` + + + + +### Custom Dev Server Port + +You have access to all of the [Vite dev server options](https://vitejs.dev/config/server-options.html) in your custom Vite config. You can change the dev server port by setting the `port` option. + + + + +```js title="vite.config.js" +export default { + server: { + port: 4000, + }, +} +``` + +```env title=".env.server" +WASP_WEB_CLIENT_URL=http://localhost:4000 +``` + + + + +```ts title="vite.config.ts" +import { defineConfig } from 'vite' + +export default defineConfig({ + server: { + port: 4000, + }, +}) +``` + +```env title=".env.server" +WASP_WEB_CLIENT_URL=http://localhost:4000 +``` + + + + +:::warning Changing the dev server port +⚠️ Be careful when changing the dev server port, you'll need to update the `WASP_WEB_CLIENT_URL` env var in your `.env.server` file. +::: + +### Customising the Base Path + +If you, for example, want to serve the client from a different path than `/`, you can do that by customizing the `base` option. + + + + +```js title="vite.config.js" +export default { + base: '/my-app/', +} +``` + + + + +```ts title="vite.config.ts" +import { defineConfig } from 'vite' + +export default defineConfig({ + base: '/my-app/', +}) +``` + + + diff --git a/web/versioned_docs/version-0.13.11/project/customizing-app.md b/web/versioned_docs/version-0.13.11/project/customizing-app.md new file mode 100644 index 0000000000..1d569a4329 --- /dev/null +++ b/web/versioned_docs/version-0.13.11/project/customizing-app.md @@ -0,0 +1,133 @@ +--- +title: Customizing the App +--- + +import { Required } from '@site/src/components/Tag'; + +Each Wasp project can have only one `app` type declaration. It is used to configure your app and its components. + +```wasp +app todoApp { + wasp: { + version: "^0.13.0" + }, + title: "ToDo App", + head: [ + "" + ] +} +``` + +We'll go through some common customizations you might want to do to your app. For more details on each of the fields, check out the [API Reference](#api-reference). + +### Changing the App Title + +You may want to change the title of your app, which appears in the browser tab, next to the favicon. You can change it by changing the `title` field of your `app` declaration: + +```wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "BookFace" +} +``` + +### Adding Additional Lines to the Head + +If you are looking to add additional style sheets or scripts to your app, you can do so by adding them to the `head` field of your `app` declaration. + +An example of adding extra style sheets and scripts: + +```wasp +app myApp { + wasp: { + version: "^0.13.0" + }, + title: "My App", + head: [ // optional + "", + "", + "" + ] +} +``` + +## API Reference + +```wasp +app todoApp { + wasp: { + version: "^0.13.0" + }, + title: "ToDo App", + head: [ + "" + ], + auth: { + // ... + }, + client: { + // ... + }, + server: { + // ... + }, + db: { + // ... + }, + emailSender: { + // ... + }, + webSocket: { + // ... + } +} +``` + +The `app` declaration has the following fields: + +- `wasp: dict` + Wasp compiler configuration. It is a dictionary with a single field: + + - `version: string` + + The version specifies which versions of Wasp are compatible with the app. It should contain a valid [SemVer range](https://github.com/npm/node-semver#ranges) + + :::info + For now, the version field only supports caret ranges (i.e., `^x.y.z`). Support for the full specification will come in a future version of Wasp + ::: + +- `title: string` + + Title of your app. It will appear in the browser tab, next to the favicon. + +- `head: [string]` + + List of additional lines (e.g. `` or `