make auth optional

Ramnique Singh 2025-03-27 07:58:15 +05:30
parent 4b3395ea3a
commit 861bae11a6
9 changed files with 73 additions and 27 deletions


@ -2,11 +2,19 @@
# ------------------------------------------------------------
MONGODB_CONNECTION_STRING=mongodb://127.0.0.1:27017/rowboat
OPENAI_API_KEY=<OPENAI_API_KEY>
AUTH0_SECRET=<AUTH0_SECRET>
# Uncomment to enable auth using Auth0
# ------------------------------------------------------------
# USE_AUTH=true
# Even though auth is disabled by default, these test values are needed for the auth0 imports
# --------------------------------------------------------------------------------------------
AUTH0_SECRET=test_secret
AUTH0_BASE_URL=http://localhost:3000
AUTH0_ISSUER_BASE_URL=<AUTH0_ISSUER_BASE_URL>
AUTH0_CLIENT_ID=<AUTH0_CLIENT_ID>
AUTH0_CLIENT_SECRET=<AUTH0_CLIENT_SECRET>
AUTH0_ISSUER_BASE_URL=https://test.com
AUTH0_CLIENT_ID=test
AUTH0_CLIENT_SECRET=test
# Uncomment to enable RAG:
# ------------------------------------------------------------
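Review bot: The placeholder values `AUTH0_SECRET=test_secret` and `AUTH0_CLIENT_SECRET=test` sit directly under the commented-out `# USE_AUTH=true`, with nothing telling the reader to replace them before enabling auth. Someone who uncomments the flag and leaves `AUTH0_SECRET` as shipped would run with a session encryption secret that is public in this repository. I'd add a comment above the block such as `# Placeholders only: replace every AUTH0_* value (generate AUTH0_SECRET with: openssl rand -hex 32) before setting USE_AUTH=true`.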


@ -42,20 +42,6 @@ Before running RowBoat, ensure you have:
brew services start mongodb-community@8.0
```
4. **Auth0 Account and Application Setup**
- **Create an Auth0 Account**: Sign up at [Auth0](https://auth0.com).
- **Create a New Application**: Choose "Regular Web Application", select "Next.js" as the application type, and name it "RowBoat".
- **Configure Application**:
- **Allowed Callback URLs**: In the Auth0 Dashboard, go to your "RowBoat" application settings and set `http://localhost:3000/api/auth/callback` as an Allowed Callback URL.
- **Get Credentials**: Collect the following from your Auth0 application settings:
- **Domain**: Copy your Auth0 domain (ensure you append `https://` to the Domain that the Auth0 dashboard shows you)
- **Client ID**: Your application's unique identifier
- **Client Secret**: Your application's secret key
- **Generate secret**: Generate a session encryption secret in your terminal and note the output for later:
```bash
openssl rand -hex 32
```
## Local Development Setup
1. **Clone the Repository**
@ -75,13 +61,6 @@ Before running RowBoat, ensure you have:
# OpenAI Configuration
OPENAI_API_KEY=your-openai-api-key
# Auth0 Configuration
AUTH0_SECRET=your-generated-secret # Generated using openssl command
AUTH0_BASE_URL=http://localhost:3000 # Your application's base URL
AUTH0_ISSUER_BASE_URL=https://example.auth0.com # Your Auth0 domain (ensure it is prefixed with https://)
AUTH0_CLIENT_ID=your-client-id
AUTH0_CLIENT_SECRET=your-client-secret
# MongoDB Configuration (choose one based on your setup)
# For local MongoDB
MONGODB_CONNECTION_STRING=mongodb://host.docker.internal:27017/rowboat
@ -173,6 +152,37 @@ Before running RowBoat, ensure you have:
The documentation site is available at [http://localhost:8000](http://localhost:8000)
## Enable Authentication
By default, RowBoat runs without authentication. To enable user authentication using Auth0:
1. **Auth0 Setup**
- **Create an Auth0 Account**: Sign up at [Auth0](https://auth0.com).
- **Create a New Application**: Choose "Regular Web Application", select "Next.js" as the application type, and name it "RowBoat".
- **Configure Application**:
- **Allowed Callback URLs**: In the Auth0 Dashboard, go to your "RowBoat" application settings and set `http://localhost:3000/api/auth/callback` as an Allowed Callback URL.
- **Get Credentials**: Collect the following from your Auth0 application settings:
- **Domain**: Copy your Auth0 domain (ensure you append `https://` to the Domain that the Auth0 dashboard shows you)
- **Client ID**: Your application's unique identifier
- **Client Secret**: Your application's secret key
- **Generate secret**: Generate a session encryption secret in your terminal and note the output for later:
```bash
openssl rand -hex 32
```
2. **Update Environment Variables**
Add the following to your `.env` file:
```ini
USE_AUTH=true
AUTH0_SECRET=your-generated-secret # Generated using openssl command
AUTH0_BASE_URL=http://localhost:3000 # Your application's base URL
AUTH0_ISSUER_BASE_URL=https://example.auth0.com # Your Auth0 domain (ensure it is prefixed with https://)
AUTH0_CLIENT_ID=your-client-id
AUTH0_CLIENT_SECRET=your-client-secret
```
After enabling authentication, users will need to sign in to access the application.
## Enable RAG
RowBoat supports RAG capabilities to enhance responses with your custom knowledge base. To enable RAG, you'll need:


@ -11,10 +11,18 @@ import { getAgenticApiResponse, getAgenticResponseStreamId } from "../lib/utils"
import { check_query_limit } from "../lib/rate_limiting";
import { QueryLimitError } from "../lib/client_utils";
import { projectAuthCheck } from "./project_actions";
import { USE_AUTH } from "../lib/feature_flags";
const crawler = new FirecrawlApp({ apiKey: process.env.FIRECRAWL_API_KEY || '' });
export async function authCheck(): Promise<Claims> {
if (!USE_AUTH) {
return {
email: 'guestuser@rowboatlabs.com',
email_verified: true,
sub: 'guest_user',
};
}
const { user } = await getSession() || {};
if (!user) {
throw new Error('User not authenticated');
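Review bot: The new `if (!USE_AUTH)` branch in `authCheck()` fails open: since the flag is `process.env.USE_AUTH === 'true'`, an unset or mistyped value (`True`, `1`) makes every caller the same fixed identity (`sub: 'guest_user'`, `email_verified: true`) with no signal that authentication is off. The same silent bypass is added to `projectAuthCheck` and to the `/projects` branch of the middleware, so no layer notices a misconfigured deployment. I'd log once at startup next to the flag definition, e.g. `if (!USE_AUTH) console.warn('USE_AUTH is not "true": authentication is disabled, all requests run as guest_user');`, and document on `authCheck` that the guest claims are synthetic and must not be treated as a verified email downstream. The body of `authCheck` continues past the end of this section.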


@ -10,8 +10,12 @@ import { authCheck } from "./actions";
import { WithStringId } from "../lib/types/types";
import { ApiKey } from "../lib/types/project_types";
import { Project } from "../lib/types/project_types";
import { USE_AUTH } from "../lib/feature_flags";
export async function projectAuthCheck(projectId: string) {
if (!USE_AUTH) {
return;
}
const user = await authCheck();
const membership = await projectMembersCollection.findOne({
projectId,
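Review bot: The early `return` in `projectAuthCheck` skips the `projectMembersCollection` membership lookup entirely, so with auth disabled every project id is accessible to anyone who can reach the server. That matches the commit's intent for a single-user local install, but the code does not say so; I'd add `// Auth disabled: no per-project isolation. Only safe on a trusted deployment that is not network-exposed.` above the `if`. The function body continues outside this section.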


@ -1,4 +1,5 @@
export const USE_RAG = process.env.USE_RAG === 'true';
export const USE_RAG_UPLOADS = process.env.USE_RAG_UPLOADS === 'true';
export const USE_RAG_SCRAPING = process.env.USE_RAG_SCRAPING === 'true';
export const USE_CHAT_WIDGET = process.env.USE_CHAT_WIDGET === 'true';
export const USE_CHAT_WIDGET = process.env.USE_CHAT_WIDGET === 'true';
export const USE_AUTH = process.env.USE_AUTH === 'true';


@ -1,5 +1,12 @@
import { App } from "./app";
import { redirect } from "next/navigation";
import { USE_AUTH } from "./lib/feature_flags";
export const dynamic = 'force-dynamic';
export default function Home() {
if (!USE_AUTH) {
redirect("/projects");
}
return <App />
}


@ -4,6 +4,9 @@ import Image from "next/image";
import Link from "next/link";
import { UserButton } from "../lib/components/user_button";
import { ThemeToggle } from "../lib/components/theme-toggle";
import { USE_AUTH } from "../lib/feature_flags";
export const dynamic = 'force-dynamic';
export default function Layout({
children,
@ -30,7 +33,7 @@ export default function Layout({
</div>
<div className="flex items-center gap-2">
<ThemeToggle />
<UserButton />
{USE_AUTH && <UserButton />}
</div>
</header>
<main className="grow overflow-auto">


@ -34,6 +34,10 @@ export async function middleware(request: NextRequest, event: NextFetchEvent) {
}
if (request.nextUrl.pathname.startsWith('/projects')) {
// Skip auth check if USE_AUTH is not enabled
if (process.env.USE_AUTH !== 'true') {
return NextResponse.next();
}
return auth0MiddlewareHandler(request, event);
}
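Review bot: The middleware re-derives the flag with `process.env.USE_AUTH !== 'true'` instead of using the `USE_AUTH` constant the other files import from `lib/feature_flags`, so the auth switch now has two definitions that can drift apart. If that module can be imported in the middleware runtime (not verifiable from this section), prefer `if (!USE_AUTH) return NextResponse.next();`; otherwise extend the existing comment to `// Skip auth check if USE_AUTH is not enabled (keep in sync with lib/feature_flags)`. The `middleware` function starts and ends outside this section.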


@ -10,6 +10,7 @@ services:
environment:
- OPENAI_API_KEY=${OPENAI_API_KEY}
- MONGODB_CONNECTION_STRING=${MONGODB_CONNECTION_STRING}
- USE_AUTH=${USE_AUTH}
- AUTH0_SECRET=${AUTH0_SECRET}
- AUTH0_BASE_URL=${AUTH0_BASE_URL}
- AUTH0_ISSUER_BASE_URL=${AUTH0_ISSUER_BASE_URL}