Life Saver: Auth APIs
User management, authorisation, session management are difficult and extremely time consuming parts of any project. Hasura’s Auth service provides APIs that takes care of everything from signing up users, login, account verification, social login, captcha and everything else that is required.
I had mentioned about user roles in my previous post about Data APIs. It is possible to assign different roles to users with each role having a set of permissions. This allows us to restrict access to only the required data.
The service providers will have a role, different from the users, with different set of access rights.
Sample Queries
Almost all auth requests for Life Saver are proxied through a custom service running on Hasura, as most of them involve a combination of multiple data and auth queries.
User signup
A temporary ID is assigned when a user signs up. Once the phone number is verified, a user_id is given.
Service provider signup
Similar to user signup, a temporary ID is assigned, after the phone number is verified a sp_id is given. The type attribute specifies the type of service provider: fire service/ambulance/police.
OTP verification
Once the user/service provider signs up, an OTP is sent to their mobile number to verify it.
Login
The user/service provider can login by specifying their mobile number, an OTP is sent to their mobile number to verify it.
Postman Collection of all Auth API requests can be found here.
