Every Thin Backend project comes with zero-setup login, user management and a permissions system included
Trigger common auth actions with the JS SDK. Use react components and hooks to access the current user:
useCurrentUser()
loginWithRedirect()
logout()
<ThinBackend requireLogin>
// Access the current user via hooks:
import { useCurrentUser } from 'thin-backend-react';
function UserDetails() {
const user = useCurrentUser();
return <div>{user.email}</div>;
}
// Login Button
import { loginWithRedirect } from 'thin-backend';
function LoginButton() {
return <button onClick={loginWithRedirect}>Login</button>
}
// Logout Button
import { logout } from 'thin-backend';
function LoginButton() {
return <button onClick={logout}>Logout</button>
}
// Require login for the full app
import { ThinBackend } from 'thin-backend-react';
function App() {
// The `requireLogin` triggers a
// redirect to the login page if not logged in
return <ThinBackend requireLogin>
<div>Hello World</div>
</ThinBackend>
}
Thin Backend uses Postgres Policies to make sure that users can only see what they're allowed to see.
Based on naming conventions, Thin Backend will automatically generate the initial policies for you based on naming. You then only need to adjust the default policies based on your needs.
E.g. if you add a column called user_id
to your tasks
table, it will add a policy that allows users to read their own task records and only add tasks with their own user_id
:
CREATE POLICY "Users can manage their tasks"
ON tasks
USING
(user_id = ihp_user_id())
WITH CHECK
(user_id = ihp_user_id())
;
Using Enums and Postgres Policies you can quickly implement any kind of role-based permission management.
CREATE POLICY "Editors can manage the posts"
ON posts
USING /* everyone can read */ TRUE
WITH CHECK /* editors can write */
( 'role_editor'
= (
SELECT role
FROM users
WHERE users.id = ihp_user_id()
)
)
;
Quickly add third party social logins to your app. No code changes needed.
Supported OAuth Providers: