The Magic setup process

10 Feb 2022 - thomas

When you first start Magic you will have to configure it. Before I guide you through this process though, please realise that Magic’s frontend dashboard was created to be able to manage multiple backends. This is the reason it asks you for a “Backend” as you start it. If you’re using the source code ZIP download of Magic, you should provide the following in the backend textbox.

http://localhost:5000

If you use the docker images you should provide the following.

http://localhost:4444

If you have installed Magic on a VPS, you need to provide the backend primary URL to your backend, whatever that is. Then you need to login to your Magic dashboard. Before Magic has configured a database, and applied a JWT authentication secret, your username and password is root/root. However, Magic will ask you to change this immediately after having logged in. Standard values for logging into your backend using the source code ZIP download can be found below. If you’re using docker exchange the URL to http://localhost:4444.

Default login

The way Magic determines whether or not to allow you to login with your default credentials or not, is by checking your magic:auth:secret configuration value. You can find this value your backend’s “files/config/appsettings.json” configuration file. Its default value looks like the following.

Default configuration settings

The important parts here is the “THIS-IS-NOT-A-GOOD-SECRET-PLEASE-CHANGE-IT” part. As Magic logs you in as a “root”, it will check this configuration value, and if it finds the above value for your auth secret, it will guide you through setting up Magic. After you have successfully pointed Magic to a database, the above value will change to something such as follows.

REfmCj8ZlzgtXV3BMG3hPrciAghlBzUQhIRPtPqKl9BAYvvB6hKpXbucDhyldVOiMtZuU815SMlYcueOYmSyIQT7nggsY

The idea being that this becomes your JWT secret, providing you with security, allowing Magic to generate JWT tokens that cannot be reproduced by an adversary. At this point you can no longer use “root” as your root user’s password, but you have to provide whatever password you chose as you configured your database. Below is a screenshot (light theme) of how Magic will look like after you’ve logged into it for the first time.

Setup database

Whatever you type in the above password field becomes your root user’s password. Notice, this user have full access to everything in Magic, and you should provide a highly secure password here.

When you click “Next” in the above screen, Magic will create a magic database for you, insert a new root user into it, with the password you provided, and lead you to the next setup screen. When Magic is done with the above step it will ask you to “crudify” your Magic database. This implies creating HTTP endpoints wrapping your newly created magic database. This typically resembles the following.

Crudify magic database

Click “Next” in the above screen, at which point you’re brought to the following.

Create cryptography key pair

The above setup step will have Magic create a cryptography key pair for your Magic server. This cryptography key is used a lot of places in Magic, and basically allows Magic to cryptographically secured communicate with other servers, and/or clients. Notice, as you click the above “Next” button Magic will need some time to create your cryptography key pair. However, when it’s done, your Magic server configuration process is done, and you can optionally run the assumptions to verify everything is working as it should. Below is a YouTube video illustrating the process. Notice, if you’re not using Docker, you’ll have to change the backend URL I’m using in the video.