Skip to main content

Extend Your App

To Create full fledged Applications and Backends

Extend your App with low-code customizations, add-ons and integrations to support your complete use case.

In this overview, you will learn to How to Customize Faster via Low-Code, For further details refer to Customize & Extend section.

info

With EasyManage, you have managed to save upto 80% of the time manually writing code. By extending the generated code with few more lines, you are able to complete your fully functional app or backend.

tip

For corresponding details, Please refer to Resources page for locating Github and Videos Learn, Videos, Tutorials

Frequently Needed Extendings

Here are some common Full-Stack, Frontend & Backend extending needs after code is generated:

  • Security - Authentication & Authorization
  • Refer to Customize & Extend List below

Customize Faster in hours

Security - Authentication & Authorization

Authentication & Authorization is provisioned or can be sought from thrid party authentication services.

  • RBAC Configure Role Based Access Control, with Roles to permission rules for CRUD Ops.

EasyManage generated code does not enable Security by default, but which can be enabled in very short time.

Set/Enable In-built Authentication & Authorization via one of the methods below:

Out-Of-Box Available Methods List

  • Method A : Backend API Secure with Basic Auth [InMemoryUserDetails], Frontend to Backend secure calling.
    • Enable Security in Backend APIs. Set frontend to backend secure calling. No User Level Sign-In.
  • Method B : Backend API Secure with Basic Auth [DatabaseBackedUserDetails], Frontend Secure
    • Enable Security in Backend APIs and Frontend. Get screens Splash, Sign-Up, Sign-In.
    • Backend: Authentication with a Database-backed UserDetailsService

DIY Methods List

  • Method : (DIY) Backend API Secure with JWT (JSON Web Token) [OAuth2], Frontend Secure
  • Method : (DIY) Secure with Social Login OAuth2 protocol
    • Enable authentication and authorization with 3rd party providers such as Google, Facebook, Apple etc.
  • Method : (DIY) Secure with OAuth 2.0 providers such as auth0.com, Backend API Secure, Frontend Secure
  • Method : (DIY) Secure with Firebase Auth, Backend API Secure, Frontend Secure
    • Enable Security in Backend APIs and Frontend via provider Firebase Auth.

Out-Of-Box Available Methods: How To Use ?

Details are provided below for Methods A, B. Other methods are DIY (Do-It-Yourself).

Method A : Backend API Secure with Basic Auth [InMemoryUserDetails], Frontend to Backend secure calling.

  • Enable Security in Backend APIs. Set frontend to backend secure calling. No User Level Sign-In.
  • But for Frontend User Level Sign-Up Sign-In, use your own custom method. This option is advisable when you have a particular pre-existing frontend security method you want to use.
  • Handling of Authorizations as per Roles ROLE_USER, ROLE_ADMIN is done by backend APIs. Frontend will perform the action and show access error, if received from APIs.

Frontend Flutter App

To verify/change secure calling APIs, Open file em_app\lib\em_global.dart , and look for below variables, and set to correct values e.g. isApiCallSecure = true; :

// ------ API common params ---------------
String apiScheme = "http";
//String apiScheme = "https";

bool isApiCallSecure = false;

// ------ To enable Secure API calling with Http Basic Auth ---------------
String apiUsername = 'emAdmin'; //'emUser';
String apiPassword = 'emAdmin123'; //'emUser123';
caution

Including sensitive secrets in source code, is meant for development stage only. For production, use better way e.g. i) set apiUsername, apiPassword values via command line parameters, and ii) must use obfuscation
flutter build appbundle --dart-define="apiPassword=emAdmin123" --obfuscate --split-debug-info=< dir >
set values from env in source
const apiPassword = String.fromEnvironment("apiPassword");

Backend - Changes Variation

Please use the Method A variation mentioned in backend changes.

Backend GraphQL APIs

To enable API security, Follow instructions in file EmDbGraphQLApp*\springGql\security\Readme_Security_Gql.txt

---------------------------------------------
To enable Spring Security For GraphQL - Http Basic Auth
Steps -
1] pom.xml : Uncomment dependency spring-boot-starter-security
2] Follow one of below Methods -


Method A - Backend API Secure with *Basic Auth* [InMemoryUserDetails]

COPY <this_dir>/basicAuthInMemoryUserDetailsGql To ../src/security/basicAuthInMemoryUserDetailsGql

Method B - Backend API Secure with *Basic Auth* [DatabaseBackedUserDetails]

COPY <this_dir>/basicAuthDbUserDetailsGql To ../src/security/basicAuthDbUserDetailsGql
COPY <this_dir>../../EmDbRestApp*/spring/security/DbUserDetails To ../src/security/DbUserDetails
Implement <this_dir>../../EmDbRestApp*/spring/security/sql/app_users.sql in your database.


3] Uncomment Security Auth Annotations in *GraphqlController.java, against required Mutations
e.g. @PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
Also Uncomment imports required e.g.
//import org.springframework.security.access.annotation.Secured;
//import org.springframework.security.access.prepost.PreAuthorize;
4] Clean and Re-build project
---------------------------------------------
Note: Below annotations may have issues for using in spring graphql
//@Secured({ "ADMIN" })
//@RolesAllowed({ "USER","ADMIN" })
---------------------------------------------

Backend REST APIs

To enable API security, Follow instructions in file EmDbRestApp*\spring\security\Readme_Security.txt

---------------------------------------------
To enable Spring Rest Security - Http Basic Auth
Steps -
1] pom.xml : Uncomment dependency spring-boot-starter-security
2] Follow one of below Methods -


Method A - Backend API Secure with *Basic Auth* [InMemoryUserDetails]

COPY <this_dir>/basicAuthInMemoryUserDetails To ../src/security/basicAuthInMemoryUserDetails

Method B - Backend API Secure with *Basic Auth* [DatabaseBackedUserDetails]

COPY <this_dir>/basicAuthDbUserDetails To ../src/security/basicAuthDbUserDetails
COPY <this_dir>/DbUserDetails To ../src/security/DbUserDetails
Implement <this_dir>/sql/app_users.sql in your database.

3] Security Authorization for api calls as per ROLE_USER, ROLE_ADMIN is implemented via antMatchers (in this file only).
4] Clean and Re-build project
---------------------------------------------
Note: Below annotations can also be used in spring controller methods, do import them as well
//@Secured({ "ADMIN" })
//@RolesAllowed({ "USER","ADMIN" })
---------------------------------------------

Method B : Backend API Secure with Basic Auth [DatabaseBackedUserDetails], Frontend Secure

  • Enable Security in Backend APIs and Frontend. Get screens Splash, Sign-Up, Sign-In.
  • Backend: Authentication with a Database-backed UserDetailsService
  • Handling of Authorizations as per Roles ROLE_USER, ROLE_ADMIN is done by backend APIs. Frontend will perform the action and show access error, if received from APIs.
  • Display security related screens and e.g. Sign-In screen to capture and validate User/Password.
info

Method B implementation support is available via email support@easymanage.com.

Please follow all steps mentioned under Method A for each -

  • Frontend Flutter App
  • Backend GraphQL APIs
  • Backend REST APIs

Backend - Changes Variation

Please use the Method B variation mentioned in backend changes.

info

Above steps are common to both methods. Then follow below steps.

Frontend Flutter App - Additional Changes

To verify/change enabling Sign-In screen and secure calling APIs, Open file em_app\lib\em_global.dart , and look for below variables, and set to correct values e.g. isAppFESecure = true; :

// ======== Security Settings ==========================================
// ---- To Display Sign-In Screen, Validate Users, Store User credentials Authenticated, Use them for API calls ----
// ---- if true, must set "isApiCallSecure = true" as well ----
bool isAppFESecure = true;

The result will be that, a Splash Screen is displayed with Sign-Up and Sign-In buttons. Sign-Up screen will create new User in database table. Sign-In screen is displayed with, Username/Password are captured and validated, and saved in local device storage, for API calling - it will set apiUsername, apiPassword from the captured Username/Password.

Low-Code Customize & Extend

Github Folder: /tutorials/customize-extend

1) Full-Stack

Details are provided in, and refer to Full-Stack Customize.

2) Frontend (FE)

Flutter Low-Code Customize

Details are provided in, and refer to Flutter App Customize.

3) Backend (BE)

GraphQL Low-Code Customize

Details are provided in, and refer to GraphQL APIs Customize.

REST Low-Code Customize

Details are provided in, and refer to REST APIs Customize.

4) Integrations

Extend For Consumer Facing D2C solutions

  • Add Integrations like
    • Cloud Storage: Firebase, Google Drive, others.
    • AdMob : In-App advertisements.
    • Payment Gateway: Stripe, PayPal, more.
    • App Analytics: Google Analytics.
    • Misc: Email, Google Calendar, Calendly, Zoom.
    • Web Viewer: Access webpages, JavaScript supported.
    • Connecting with a Content Management System (CMS)