ระบบยืนยันตัวตนสำหรับบริการภายในสโมสรนิสิตคณะวิทยาศาสตร์ จุฬาลงกรณ์มหาวิทยาลัย
This project provides a secure authentication service for the Science Student's Union (SMO Sci CU) at Chulalongkorn University. It is sit between the user authentication and the student data management, allowing users to log in with their Chulalongkorn University accounts and manage their student information and rights for various applications used by the union to access their data securely.
This project is primarily intended for developers and system administrators who will be working with the authentication service. For end-users, the authentication process is handled automatically through the applications that integrate with this service and does not require direct interaction with this codebase.
-
Clone the repository
-
Install Bun if you haven't already
curl https://bun.sh/install | bashMake sure to add Bun to your PATH as instructed by the installer.
-
Install dependencies
bun install
-
Duplicate
example.env.varsto.env.varsand fill in the required environment variables. -
Migrate the database
bun run db:migrate:dev
-
Start the development server
bun run dev
This project is separated into several parts:
- Workers: The main authentication service running on Cloudflare Workers using D1 database, KV storage, and BetterAuth for authentication management.
- Frontend: The user interface for the authentication service, for user login, registration, and data management.
To start the development server, run:
bun run devWe use BetterAuth OAuth Proxy to test the OAuth flow locally. You can just start dev server as usual and it just works.
After making changes to the database schema, you can generate the migration files by running:
bun run db:generateThen apply the migrations to your local database with:
bun run db:migrate:devIf you want to apply the migrations to the production database, use:
bun run db:migrate:prodTo update the authentication configuration, you can modify the workers/auth/index.ts file. This file contains the configuration for BetterAuth, including the authentication providers, user model, and other settings.
After making changes, you can generate the authentication schema by running:
bun run auth:updateThis will automatically update the workers/db/auth.schema.ts file with the latest authentication schema. You can then select and apply any conflicts that arise during the update process by the interactive prompt.
After updating the schema and create a migration file, you can apply the migrations to your local database with:
bun run db:migrate:devIf you want to apply the migrations to the production database, use:
bun run db:migrate:prodThis normally should be done after you have deployed the changes to the production environment.
This project is designed for apps that within the supervision of the Science Student's Union (SMO Sci CU) at Chulalongkorn University. It provides a secure and flexible authentication and student's data management system that can be integrated into various applications used by the union.
For detailed API documentation, please refer to the API Reference page. This documentation provides information on available endpoints, request and response formats, and examples of how to use the API.
The authentication uses Google OAuth to allow users to log in with their Chulalongkorn University accounts then collects other information such as name, faculty, department, and program from student directly.
Getting data from University's database is not available yet, so the user must fill in their information manually. The data will be stored in the D1 database and can be accessed through the API.
This service also supports OAuth 2.0 and OpenID Connect (OIDC) protocols, allowing other applications to authenticate users using this service. You can access the OpenID Connect configuration at the following URL:
http://auth.smovidya-chula.workers.dev/api/auth/.well-known/openid-configuration
- User authentication using Google OAuth.
- Student data management, including name, faculty, department, and program.
- User impersonation for testing and administrative purposes.
- Support for OAuth 2.0 and OpenID Connect (OIDC) protocols.
- Secure session management with JWT tokens and JWKS (JSON Web Key Set) endpoint.
- BetterAuth for authentication, OIDC, OAuth provider, JWKS, and more.
- Drizzle ORM for database management.
- Cloudflare Workers for serverless functions.
- Cloudflare D1 for the database.
- React Router for frontend routing.
Contributions are welcome! Please follow these steps:
- Fork the repository.
- Create a new branch for your feature or bug fix.
- Make your changes and commit them with clear messages.
- Push your changes to your forked repository.
- Create a pull request to this main repository!
You can also join our Discord server for discussions and help anytime! And we are more than happy if you can join our ฝ่ายพัฒนาระบบพัฒนาสารสนเทศ, just drop us a message in Discord~
Wait! Don't forget you can always help us in other ways, such as:
- Reporting bugs or issues (bug catchers are always welcome!).
- Suggesting new features or improvements.
- Give feedback on design and usability.
- Helping with documentation (technical writers are always welcome!).
- Testing the application and providing feedback on performance and usability.
- Designing and implementing new features (UI/UX designers are surely short here).
Join our Discord server to discuss how you can contribute!
This project is licensed under the MIT License. See the LICENSE file for details.
If you find any security vulnerabilities, please report them to us in private via email at smovidya.it.team@gmail.com or via our Discord server. We will work with you to resolve the issue as quickly as possible.