docker.recipes

SuperTokens for E-commerce

intermediate

Open-source authentication for e-commerce apps.

Overview

SuperTokens is an open-source authentication framework designed specifically for modern web applications, offering a self-hosted alternative to services like Auth0 or Firebase Auth. Originally developed to address the complexity and vendor lock-in issues of traditional authentication solutions, SuperTokens provides pre-built authentication recipes including email/password, social login, passwordless authentication, and comprehensive session management. Unlike SaaS authentication providers, SuperTokens gives developers complete control over their user data while maintaining enterprise-grade security standards. This stack combines SuperTokens with PostgreSQL to create a robust authentication infrastructure for e-commerce applications. SuperTokens handles all authentication flows including user registration, login, password recovery, and session management, while PostgreSQL stores user data, session information, and authentication metadata with ACID compliance and advanced indexing. The PostgreSQL backend enables complex user queries, customer analytics, and maintains data integrity crucial for e-commerce platforms where user data accuracy directly impacts business operations. E-commerce developers and startups seeking cost-effective, privacy-compliant authentication solutions will find this combination particularly valuable. The stack eliminates monthly SaaS authentication fees while providing GDPR compliance through data sovereignty, custom user schemas for e-commerce-specific fields, and the ability to perform complex customer analytics directly on authentication data. This setup is ideal for businesses requiring custom authentication flows, multi-tenant e-commerce platforms, or organizations with strict data residency requirements.

Key Features

  • Pre-built authentication recipes for emailpassword, social OAuth, and passwordless flows optimized for e-commerce user experience
  • Session management with automatic refresh, device tracking, and concurrent session limits for account security
  • Social login integration with Google, Facebook, GitHub, and custom OAuth providers through SuperTokens dashboard
  • PostgreSQL JSONB storage for flexible user metadata including shopping preferences, order history references, and custom profile fields
  • Multi-tenancy support enabling separate customer bases for marketplace or white-label e-commerce applications
  • Built-in user roles and permissions system for customer, admin, and vendor access levels
  • Email verification and password recovery workflows with customizable templates for brand consistency
  • Advanced PostgreSQL indexing on user lookup fields and authentication tokens for sub-millisecond query performance

Common Use Cases

  • 1E-commerce startups requiring cost-effective authentication without monthly SaaS fees while maintaining professional user experience
  • 2Multi-vendor marketplaces needing tenant isolation for separate seller and buyer authentication domains
  • 3International e-commerce platforms requiring GDPR compliance and data residency in specific geographic regions
  • 4Custom B2B e-commerce platforms with complex user hierarchies, approval workflows, and role-based catalog access
  • 5Headless commerce implementations requiring authentication APIs for mobile apps, PWAs, and multiple frontend frameworks
  • 6E-commerce platforms needing customer analytics integration by querying authentication data alongside order and behavioral data
  • 7Subscription-based e-commerce services requiring sophisticated session management and account sharing prevention

Prerequisites

  • Minimum 1GB RAM allocation for PostgreSQL to handle concurrent authentication requests and user data indexing
  • Port 3567 available for SuperTokens Core API access from frontend and backend applications
  • Basic understanding of OAuth flows and JWT tokens for implementing SuperTokens SDKs in e-commerce applications
  • Frontend framework knowledge (React, Vue, Angular) for integrating SuperTokens pre-built UI components
  • Environment variable management for database credentials and SuperTokens API keys in production deployments
  • SSL certificate setup for production environments to secure authentication endpoints and user data transmission

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  supertokens: 
3    image: supertokens/supertokens-postgresql:latest
4    container_name: supertokens
5    restart: unless-stopped
6    environment: 
7      POSTGRESQL_CONNECTION_URI: postgresql://${DB_USER}:${DB_PASSWORD}@postgres:5432/${DB_NAME}
8    ports: 
9      - "3567:3567"
10    depends_on: 
11      - postgres
12    networks: 
13      - supertokens
14
15  postgres: 
16    image: postgres:16-alpine
17    container_name: supertokens-postgres
18    environment: 
19      POSTGRES_DB: ${DB_NAME}
20      POSTGRES_USER: ${DB_USER}
21      POSTGRES_PASSWORD: ${DB_PASSWORD}
22    volumes: 
23      - postgres_data:/var/lib/postgresql/data
24    networks: 
25      - supertokens
26
27volumes: 
28  postgres_data: 
29
30networks: 
31  supertokens: 
32    driver: bridge

.env Template

.env
1DB_NAME=supertokens
2DB_USER=supertokens
3DB_PASSWORD=changeme

Usage Notes

  1. 1Docs: https://supertokens.com/docs/
  2. 2Core API at http://localhost:3567, use with frontend/backend SDKs
  3. 3Recipes: emailpassword, social login, passwordless, session management
  4. 4SDKs for React, Node.js, Python, Go - add to your e-commerce app
  5. 5Self-hosted alternative to Auth0/Firebase Auth
  6. 6Configure social providers via dashboard or API

Individual Services(2 services)

Copy individual services to mix and match with your existing compose files.

supertokens
supertokens:
  image: supertokens/supertokens-postgresql:latest
  container_name: supertokens
  restart: unless-stopped
  environment:
    POSTGRESQL_CONNECTION_URI: postgresql://${DB_USER}:${DB_PASSWORD}@postgres:5432/${DB_NAME}
  ports:
    - "3567:3567"
  depends_on:
    - postgres
  networks:
    - supertokens
postgres
postgres:
  image: postgres:16-alpine
  container_name: supertokens-postgres
  environment:
    POSTGRES_DB: ${DB_NAME}
    POSTGRES_USER: ${DB_USER}
    POSTGRES_PASSWORD: ${DB_PASSWORD}
  volumes:
    - postgres_data:/var/lib/postgresql/data
  networks:
    - supertokens

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  supertokens:
5    image: supertokens/supertokens-postgresql:latest
6    container_name: supertokens
7    restart: unless-stopped
8    environment:
9      POSTGRESQL_CONNECTION_URI: postgresql://${DB_USER}:${DB_PASSWORD}@postgres:5432/${DB_NAME}
10    ports:
11      - "3567:3567"
12    depends_on:
13      - postgres
14    networks:
15      - supertokens
16
17  postgres:
18    image: postgres:16-alpine
19    container_name: supertokens-postgres
20    environment:
21      POSTGRES_DB: ${DB_NAME}
22      POSTGRES_USER: ${DB_USER}
23      POSTGRES_PASSWORD: ${DB_PASSWORD}
24    volumes:
25      - postgres_data:/var/lib/postgresql/data
26    networks:
27      - supertokens
28
29volumes:
30  postgres_data:
31
32networks:
33  supertokens:
34    driver: bridge
35EOF
36
37# 2. Create the .env file
38cat > .env << 'EOF'
39DB_NAME=supertokens
40DB_USER=supertokens
41DB_PASSWORD=changeme
42EOF
43
44# 3. Start the services
45docker compose up -d
46
47# 4. View logs
48docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/supertokens/run | bash

Troubleshooting

  • POSTGRESQL_CONNECTION_URI connection refused: Ensure postgres service starts before supertokens by checking depends_on configuration and network connectivity
  • SuperTokens Core API returns 500 on startup: Verify PostgreSQL database exists and credentials match between DB_USER, DB_PASSWORD environment variables
  • Frontend SDK cannot connect to localhost:3567: Configure SuperTokens connectionURI to match your deployment domain and ensure CORS settings allow your frontend origin
  • Social login providers return invalid redirect URI: Update OAuth app settings in provider dashboards to include your SuperTokens callback URLs with correct domain
  • Session refresh tokens expire immediately: Check system clock synchronization between containers and verify PostgreSQL timezone settings match your application requirements
  • User registration fails with duplicate key error: Ensure email uniqueness constraints in PostgreSQL and implement proper error handling in SuperTokens frontend integration

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

supertokenspostgres

Tags

#supertokens#auth#authentication#oauth

Category

E-Commerce & Business

Related Recipes

Ad Space