You also need NodeJS installed locally : we **strongly** advise to install [Node Version Manager](https://github.com/nvm-sh/nvm) and use the latest LTS version of Node (check that your local version matches with the one used in the Dockerfile).
The API will run inside a docker container, **but** the install itself is made outside the container, because during development we need tools that need to be available locally (eg. ESLint, Prettier...).
AuthN consists in verifying a username / password couple. A user can have multiple usernames (representing multiple identifiers), all of them sharing the same password. In the app, all the authentication information about a user is called an _auth_. As of 2022/10/23, the possible identifiers are :
-**DeleteUsername** : delete a username (an error is thrown if it's the only username of an auth, as an auth **must** have at least one associated username)
```json
{
"username": "+33611223344"
}
```
-**UpdatePassword** : update the password of an auth
AuthZ consists in verifying if a given **user** has the right permission to execute a given **action** within a given **domain**. Some context-dependant information can be given as well.
For AuthZ, the app exposes the following [gRPC](https://grpc.io/) services :
-**Decide** : asks the authorization service if a user has the right permission
```json
{
"uuid": "96d99d44-e0a6-458e-a656-de2a400d60a9",
"domain": "user",
"action": "read",
"context": [
{
"name": "owner",
"value": "96d99d44-e0a6-458e-a656-de2a400d60a8"
},
{
"name": "role",
"value": "admin"
}
]
}
```
In return, the service gives an authorization response :
Tests are run outside the container for ease of use (switching between different environments inside containers using prisma is complicated and error prone).
The integration tests use a dedicated database (see *db-test* section of *docker-compose.yml*).
