- Hasura Platform
- Getting started
- Installing the Hasura CLI
- The complete tutorial
- GraphQL tutorial
- Hasura project
- Hasura cluster
- Project microservices
- API Console
- Auth
- Data (GraphQL/JSON APIs)
- Filestore
- Notify (Sending emails/SMS)
- Postgres
- API gateway
- Hasura Hub
- Hasura CLI reference
- Hasura API reference
- Guides
- Installing Hasura on a Kubernetes Cluster
- Hasura architecture
- Billing for Hasura
- Moving to v0.16 from v0.15
- Moving to v0.15 from older versions
Mobile/OTP based authentication¶
This provider supports mobile based password-less authentication. The way it works is that user’s mobile number is used to send an OTP (one time password) on their mobile phone. Once they receive the OTP, they can use that to signup or login.
Note
For this provider to send OTP via SMS, you have to enable an SMS provider in the Hasura notify microservice.
Configuration¶
You can configure mobile/OTP provider settings in the conf/auth.yaml file in your project. Find a top level key called mobile in the auth.yaml file. By default the mobile conf looks like this:
mobile:
# Template for the SMS that is sent. This is a Jinja template. Leave the
# "{{otp}}" as it is. It will be used by the auth service to inject the
# actual token.
smsTemplate: |
Verify your acccount with {{ cluster.name }}! Your OTP is {{ "{{otp}}" }}.
# OTP expiry time in minutes
otpExpiryTime: "15"
# OTP length is optional. default value is 6
otpLength: "6"
You can modify it as you wish and then apply the modifcations to the cluster by running a git push:
$ git add conf/auth.yaml
$ git commit -m "Changed conf for Mobile/OTP provider"
$ git push hasura master
API¶
Signup¶
To signup a user, first the user has to get an OTP on their mobile number.
To get an OTP, use the /v1/providers/mobile/send-otp endpoint.
POST auth.<cluster-name>.hasura-app.io/v1/providers/mobile/send-otp HTTP/1.1
Content-Type: application/json
{
"mobile": "9876543210",
"country_code": "91"
}
Once the OTP is obtained, then the user should make a signup request.
POST auth.<cluster-name>.hasura-app.io/v1/signup HTTP/1.1
Content-Type: application/json
{
"provider" : "mobile",
"data" : {
"mobile": "9876543210",
"country_code": "91",
"otp": "123456"
}
}
If the request is successful, Hasura auth will create and login the user.
Typical response of the /v1/signup request is :
HTTP/1.1 200 OK
Content-Type: application/json
{
"auth_token": "b4b345f980ai4acua671ac7r1c37f285f8f62e29f5090306",
"mobile": "9876543210",
"hasura_id": 79,
"hasura_roles": [
"user"
]
}
auth_tokenis the authentication token of the user for the current session.hasura_rolesis a list of all roles assigned to the user.hasura_idis the Hasura identifier of the user.
Login¶
To login a user, first the user has to get an OTP on their mobile number.
To get an OTP, use the /v1/providers/mobile/send-otp endpoint.
POST auth.<cluster-name>.hasura-app.io/v1/providers/mobile/send-otp HTTP/1.1
Content-Type: application/json
{
"mobile": "9876543210",
"country_code": "91"
}
Once the OTP is obtained, then the user should make a login request.
POST auth.<cluster-name>.hasura-app.io/v1/login HTTP/1.1
Content-Type: application/json
{
"provider" : "mobile",
"data" : {
"mobile": "9876543210",
"country_code": "91",
"otp": "123456"
}
}
If the request is successful, Hasura auth will login the user.
Typical response of the /v1/login request is :
HTTP/1.1 200 OK
Content-Type: application/json
{
"auth_token": "b4b345f980ai4acua671ac7r1c37f285f8f62e29f5090306",
"mobile": "9876543210",
"hasura_id": 79,
"hasura_roles": [
"user"
]
}
auth_tokenis the authentication token of the user for the current session.hasura_rolesis a list of all roles assigned to the user.hasura_idis the Hasura identifier of the user.
Get user info¶
To get the logged in user’s details, or to check if a session token is valid you can use this endpoint.
Make a request to the endpoint: /v1/user/info.
GET auth.<cluster-name>.hasura-app.io/v1/user/info HTTP/1.1
Content-Type: application/json
Authorization: Bearer <auth_token>
Typical response is :
HTTP/1.1 200 OK
Content-Type: application/json
{
"auth_token": "b4b345f980ai4acua671ac7r1c37f285f8f62e29f5090306",
"mobile": "9876543210",
"hasura_id": 79,
"hasura_roles": [
"user"
]
}
auth_tokenis the authentication token of the user for the current session.hasura_rolesis an array of all roles assigned to the user.hasura_idis the Hasura identifier of the user.
Logout¶
To logout a user, make the following request.
POST auth.<cluster-name>.hasura-app.io/v1/user/logout HTTP/1.1
Authorization: Bearer <auth_token>
Note
The logout request is a POST request with an empty body.
