Hi, I have a self hosted Speckle server and would like to authenticate users through the API and some other things, but I don’t know how to query it, I’m not familliar with GQL so I didn’t quite understand the docs.
I’d be glad if you could help me query:
User authentication
New accounts creation
Get projects from a user
Get the preview for a certain project
Any help is appreciated, thanks and have a nice day! <3
Hey @MatheuzDreher ,
I understand this can be quite tricky, if you could share a bit more about what you are building I can point you in the right direction. Are you building an app on top of speckle? Is it in JS, C#, Python?
Do they need to authenticate from the web or desktop?
We have quite a few tutorials online that you can check out:
And you can always look at our source code for web and connectors: Speckle · GitHub
Hey @teocomi ,
Sorry for the late response. I’m currently developing a mobile and web app using Flutter. It’s essentially a custom frontend for a self-hosted Speckle server. I understand that Speckle wasn’t designed with mobile in mind, but things have been working fine so far. My biggest concern was the viewer performance, but the community has already assisted me with that.
Can I log in/register users through the app itself? I’ve seen the guide in the documentation, but it requires opening a web browser tab to accept or deny the authentication.
This project is for a non-profit organization, and I’m just a student, so almost everything is very new to me. Thanks a lot for your help and patience! It’s been really fun learning development with the support of Speckle.
Hey, no worries. It’s a tough thing to deal with - authentication - on a first rodeo. You can check how other third party applications deal with authentication. For example, speckle-server/packages/server/assets/apiexplorer/templates/explorer.html at ef25428bd8e4f01a6329619f341668682f91a9de · specklesystems/speckle-server · GitHub
You will always need to open a browser up for the user to to give consent and you to be able to get a token to act on behalf of the user.
Registering users is not a third party app scope, but a first party app. Since you’re doing this against a self hosted server, you can tweak the permissions on the server side there! But mind you, this will mean your app will work with your self hosted server only.
What if I access PostgreSQL directly? This way, I can implement my own authentication for logging in and registering users on the server. Would this be a suitable workaround?
I attempted this yesterday by accessing “publicip:5432,” but I had no luck. I could only connect to the database locally. Do you have any suggestions?
I appreciate the help, as aways, cheers!
@MatheuzDreher, you would be better off considering using the Speckle stack and APIs as expected. Postgres access will not be useful, as the atomisation of a project’s data into Postgres rows is best handled by the full application.
The OAuth2 flow required is quite typical, even for Flutter applications. I have used the same approach when working with Firebase applications for mobile and even Apps Script sidebars.
There are many developer resources describing how to implement OAuth2 with Flutter. While I don’t have a strong recommendation of which packages to use, I recommend you stick with the normal operations. oauth2 | Dart package
I’ll second @jonathon’s comments about not connecting to Speckle’s database directly. An upgrade of Speckle may migrate the database schema. If your application is writing data to a migrated table it could cause issues for the application or for Speckle (as the application may write unexpected data).
If you do need a database for your application, please instead create a different database within the postgres server.
The postgres server is not exposed publicly, as this could be considered a security risk. Access is restricted to the Docker Compose network (and localhost).
Iain
Got it, thanks for pointing me in the right direction!
I feel like this is a stupid question, but how would I go about registering users? Is it only possible through the server’s frontend?
Right—in API terms, you have the ability to Invite users, not add them directly. They will have to accept an invite to whichever Speckle server - in this case your self-hosted one.