docs(server): Add docs for AuthOptions

docs/assets/styles/_markdown.scss

@@ -14,8 +14,13 @@ $block-border-radius: 0.15rem;
         margin-top: 48px;
     }
 
+    h3 {
+        margin-top: 36px;
+        color: $gray-700;
+    }
+
     h1, h2, h3, h4, h5 {
-        font-weight: 400;
+        font-weight: 600;
         line-height: 1.25;
 
         &[id]:target:before {

docs/content/docs/configuration/_index.md

@@ -11,7 +11,6 @@ All configuration and customization of Vendure is done via the `VendureConfig` o
 
 ```TypeScript
 bootstrap({
-    defaultChannelToken: 'default-channel',
     authOptions: {
         sessionSecret: 'xup1hki5zo',
     },
@@ -43,6 +42,9 @@ bootstrap({
             devMode: true,
         }),
         new DefaultSearchPlugin(),
+        new AdminUiPlugin({
+            port: 3001,
+        }),
     ],
 }).catch(err => {
     console.log(err);

docs/content/docs/configuration/config-auth-options.md

@@ -1,6 +1,39 @@
 ---
-title: authOptions
+title: Auth Options
 weight: 1
 ---
 
-# authOptions
+# Auth Options
+
+The `AuthOptions` define how authentication is managed.
+
+## tokenMethod
+
+Sets the method by which the session token is delivered and read.
+
+* "cookie": Upon login, a `Set-Cookie` header will be returned to the client, setting a cookie containing the session token. A browser-based client (making requests with credentials) should automatically send the session cookie with each request.
+* "bearer": Upon login, the token is returned in the response and should be then stored by the client app. Each request should include the header "Authorization: Bearer <token>".
+
+## sessionSecret
+
+The secret used for signing the session cookies for authenticated users. Only applies when tokenMethod is set to "cookie". In production applications, this should not be stored as a string in source control for security reasons, but may be loaded from an external file not under source control, or from an environment variable, for example.
+
+## authTokenHeaderKey
+
+Sets the header property which will be used to send the auth token when using the "bearer" method. Defaults to "vendure-auth-token".
+
+## sessionDuration
+
+Session duration, i.e. the time which must elapse from the last authenticted request after which the user must re-authenticate. 
+
+Expressed as a string describing a time span per [zeit/ms](https://github.com/zeit/ms.js). Eg: `60`, `"2 days"`, `"10h"`, `"7d"`. Defaults to `"7d"`.
+
+## requireVerification
+
+Determines whether new User accounts require verification of their email address. Defaults to `true`.
+
+## verificationTokenDuration
+
+Sets the length of time that a verification token is valid for, after which the verification token must be refreshed.
+
+Expressed as a string describing a time span per [zeit/ms](https://github.com/zeit/ms.js). Eg: `60`, `"2 days"`, `"10h"`, `"7d"`. Defaults to `"7d"`.

docs/content/docs/getting-started.md

@@ -12,10 +12,34 @@ weight: 0
  
 ## Installation
 
+The following instructions describe how to run a development instance of Vendure using ts-node and a MySQL / MariaDB server
+
+### Set up the database
+
+You'll need a database server available from your local machine. For example, [this MariaDB & phpMyAdmin Docker image](https://github.com/bitnami/bitnami-docker-phpmyadmin) can be used. Create a new database and name it e.g. "vendure".
+
+You'll also need a driver for Vendure to connect to the database. In this case, the `mysql` package.
+
+```bash
+$ npm install mysql --save
+```
+
+### Install ts-node
+
+This allows us to run TypeScript directly without a compilation step. Useful for development.
+
+```bash
+$ npm install --save-dev ts-node
+```
+
+### Install Vendure
+
 ```bash
 $ npm install --save @vendure/core
 ```
 
+### Initialize with the Vendure CLI
+
 Vendure includes a CLI program which can generate the initial configuration and entry file for your server:
 
 ```bash
@@ -24,41 +48,22 @@ $ npx vendure init
 
 The init command will ask a series of questions which allow the CLI to generate a configuration and index file.
 
-```bash
-$ ts-node index
-```
+### Run
+
+Once the init script has completed, the server can be started.
 
-or if using JavaScript:
 ```bash
-$ node index
+$ ts-node index
 ```
 
-## Making a request
+Assuming the default config settings, you can now access:
 
-When making an API request, it must include a `vendure-token` header with the value being the channel token of the active channel. This value is set in the config by the `defaultChannelToken` property. If this is not set, or does not match a valid channel token, you will get the error `No valid channel was specified`.
+* The Vendure GraphQL API: [http://localhost:3000/api](http://localhost:3000/api)
+* The Vendure Admin UI: [http://localhost:3000/admin](http://localhost:3000/admin)
 
-For example:
-```TypeScript
-// index.ts
-bootstrap({
-    port: 3000,
-    apiPath: 'api',
-    defaultChannelToken: 'default-channel'
-    // ...
-});
-```
+{{% alert primary %}}
+Log in with the superadmin credentials:
 
-```TypeScript
-// API call
-fetch(
-    'http://localhost:3000/api',
-    {
-        headers: {
-            'content-type': 'application/json',
-            'vendure-token': 'default-channel',
-        },
-        body: '{"query":"mutation { login(username: \\"superadmin\\", password: \\"superadmin\\") { user { id } } }"}',
-        method: 'POST',
-    },
-);
-```
+* **username**: superadmin
+* **password**: superadmin
+{{% /alert %}}