- Hasura Platform
- Getting started
- Installing the Hasura CLI
- The complete tutorial
- GraphQL tutorial
- Hasura project
- Hasura cluster
- Project microservices
- API Console
- Auth
- Data (GraphQL/JSON APIs)
- Filestore
- Notify (Sending emails/SMS)
- Postgres
- API gateway
- Hasura Hub
- Hasura CLI reference
- Hasura API reference
- Guides
- Installing Hasura on a Kubernetes Cluster
- Hasura architecture
- Billing for Hasura
- Moving to v0.16 from v0.15
- Moving to v0.15 from older versions
Username based authentication¶
This provider supports basic username/password based authentication. The identity of the user is not verified in this method.
API¶
Signup¶
To signup a user, make a request to the signup endpoint : /v1/signup.
POST auth.<cluster-name>.hasura-app.io/v1/signup HTTP/1.1
Content-Type: application/json
{
"provider" : "username",
"data" : {
"username": "johnsmith",
"password": "somepass123"
}
}
If the signup request is successful, the user is logged in.
Typical response of the /v1/signup request is :
HTTP/1.1 200 OK
Content-Type: application/json
{
"auth_token": "b4b345f980ai4acua671ac7r1c37f285f8f62e29f5090306",
"username": "johnsmith",
"hasura_id": 79,
"hasura_roles": [
"user"
]
}
auth_tokenis the authentication token of the user for the current session.hasura_rolesis a list of all roles assigned to the user.hasura_idis the Hasura identifier of the user.
Login¶
To login a user make a request to the login endpoint: /v1/login.
POST auth.<cluster-name>.hasura-app.io/v1/login HTTP/1.1
Content-Type: application/json
{
"provider" : "username",
"data" : {
"username": "johnsmith",
"password": "somepass123"
}
}
Typical response of the /v1/login request is :
HTTP/1.1 200 OK
Content-Type: application/json
{
"auth_token": "b4b345f980ai4acua671ac7r1c37f285f8f62e29f5090306",
"username": "johnsmith",
"hasura_id": 79,
"hasura_roles": [
"user"
]
}
auth_tokenis the authentication token of the user for the current session.hasura_rolesis an array of all roles assigned to the user.hasura_idis the hasura identifier of the user.
Get user info¶
To get the logged in user’s details, or to check if a session token is valid you can use this endpoint.
Make a request to the endpoint: /v1/user/info.
GET auth.<cluster-name>.hasura-app.io/v1/user/info HTTP/1.1
Content-Type: application/json
Authorization: Bearer <auth_token>
Typical response is :
HTTP/1.1 200 OK
Content-Type: application/json
{
"auth_token": "b4b345f980ai4acua671ac7r1c37f285f8f62e29f5090306",
"username": "johnsmith",
"hasura_id": 79,
"hasura_roles": [
"user"
]
}
auth_tokenis the authentication token of the user for the current session.hasura_rolesis an array of all roles assigned to the user.hasura_idis the Hasura identifier of the user.
Logout¶
To logout a user, make the following request.
POST auth.<cluster-name>.hasura-app.io/v1/user/logout HTTP/1.1
Authorization: Bearer <auth_token>
Note
The logout request is a POST request with an empty body.
Change password¶
If the user is logged in, they can change their password using the following endpoint.
POST auth.<cluster-name>.hasura-app.io/v1/user/change-password HTTP/1.1
Authorization: Bearer <auth_token>
{
"old_password": "oldpassword",
"new_password": "newpassword"
}
Forgot password¶
The Username provider does not have a forgot password feature. This is by design, as it does not have any channel (like email) to send a forgot password token to the user.
If you want this feature, use either the email or mobile/password provider.
