Aista – Magic Cloud – Generate a CRUD app in seconds


The Magic setup process

When you first start Magic you will have to configure it. Before I guide you through this process though …

The Magic setup process – Aista

When you first start Magic you will have to configure it. Before I guide you through this process though,
please realise that Magic’s frontend dashboard was created to be able to manage multiple backends.
This is the reason it asks you for a “Backend” as you start it. If you’re using the source code
ZIP download of Magic, you should provide the following in the backend textbox.


If you use the docker images you should provide the following.


If you have installed Magic on a VPS, you need to provide the backend primary URL to your backend,
whatever that is. Then you need to login to your Magic dashboard. Before Magic has configured a database,
and applied a JWT authentication secret, your username and password is root/root. However, Magic will
ask you to change this immediately after having logged in. Standard values for logging into your backend
using the source code ZIP download can be found below. If you’re using docker exchange the URL
to http://localhost:4444.

The Magic setup process – Aista

Default login

The way Magic determines whether or not to allow you to login with your default credentials or not, is by
checking your magic:auth:secret configuration value. You can find this value your backend’s “files/config/appsettings.json”
configuration file. Its default value looks like the following.

Default configuration settings

The important parts here is the “THIS-IS-NOT-A-GOOD-SECRET-PLEASE-CHANGE-IT” part. As Magic logs
you in as a “root”, it will check this configuration value, and if it finds the above value for
your auth secret, it will guide you through setting up Magic. After you have successfully pointed
Magic to a database, the above value will change to something such as follows.


The idea being that this becomes your JWT secret, providing you with security, allowing Magic to
generate JWT tokens that cannot be reproduced by an adversary. At this point you can no longer
use “root” as your root user’s password, but you have to provide whatever password you chose
as you configured your database. Below is a screenshot (light theme) of how Magic will look
like after you’ve logged into it for the first time.

Setup database

Whatever you type in the above password field becomes your root user’s password. Notice, this
user have full access to everything in Magic, and you should provide a highly secure password here.

The Magic setup process – Aista

When you click “Next” in the above screen, Magic will create a magic database for you, insert a new
root user into it, with the password you provided, and lead you to the next setup screen. When Magic
is done with the above step it will ask you to “crudify” your Magic database. This implies creating
HTTP endpoints wrapping your newly created magic database. This typically resembles the following.

Crudify magic database

Click “Next” in the above screen, at which point you’re brought to the following.

Create cryptography key pair

The above setup step will have Magic create a cryptography key pair for your Magic server. This cryptography
key is used a lot of places in Magic, and basically allows Magic to cryptographically secured communicate
with other servers, and/or clients. Notice, as you click the above “Next” button Magic will need some time
to create your cryptography key pair. However, when it’s done, your Magic server configuration process is done,
and you can optionally run the assumptions to verify everything is working as it should. Below is a YouTube
video illustrating the process. Notice, if you’re not using Docker, you’ll have to change the backend URL
I’m using in the video.