4fd4d7e13d | ||
---|---|---|
prisma | ||
src | ||
.dockerignore | ||
.editorconfig | ||
.env.dist | ||
.eslintrc.js | ||
.gitignore | ||
.prettierrc | ||
Dockerfile | ||
LICENSE | ||
README.md | ||
docker-compose.yml | ||
nest-cli.json | ||
package-lock.json | ||
package.json | ||
tsconfig.build.json | ||
tsconfig.json |
README.md
Mobicoop V3 - Auth Service
Authentication (AuthN) and Authorization (AuthZ) data management.
Requirements
You need Docker and Docker-compose.
A RabbitMQ instance is also required to send / receive messages when data has been inserted/updated/deleted.
Installation
Copy .env.dist
to .env
:
cp .env.dist .env
and modify it to suit your needs.
Then execute :
docker-compose up -d
The app runs automatically on the port defined in SERVICE_PORT
of .env
file (default : 5002).
You then need to set the appropriate rights for PGAdmin container :
sudo chown -R 5050:5050 postgresql/.pgadmin_data
Database migration
Before using the app, you need to launch the database migration :
docker exec v3_user sh -c "npx prisma migrate dev"
Usage
The app is used for authentication (aka AuthN) and authorization (aka AuthZ : to be developped).
AuthN consists in verifying a username / password couple. A user can have multiple usernames (representing multiple identifiers), all of them sharing the same password. In the app, all the authentication information about a user is called an auth. As of 2022/10/23, the possible identifiers are :
- an email
- a phone number
Note that all usernames are unique in the system : many users can't have the same email or phone number.
For AuthN, the app exposes the following gRPC services :
-
Create : create an auth with one username / password (you can't create multiple usernames at once)
{ "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae", "username": "john.doe@email.com", "password": "John123", "type": "EMAIL" }
-
AddUsername : add a username to an auth
{ "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae", "username": "+33611223344", "type": "PHONE" }
-
UpdateUsername : update a username
{ "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae", "username": "johnny.doe@email.com", "type": "EMAIL" }
-
DeleteUsername : delete a username (an error is thrown if it's the only username of an auth, as an auth must have at least one associated username)
{ "username": "+33611223344" }
-
UpdatePassword : update the password of an auth
{ "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae", "password": "Johnny123" }
-
Validate : validate an auth (= authentication with username/password)
{ "username": "john.doe@email.com", "password": "Johnny123" }
-
Delete : delete an auth and its associated usernames
{ "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae" }
Messages
Various RabbitMQ messages are sent for logging purpose.
Test
# unit tests
docker exec v3_user sh -c "npm run test"
# test coverage
docker exec v3_user sh -c "npm run test:cov"
Note : you can run all npm commands directly outside the container (see scripts section of package.json
for available commands), but you need NodeJS installed locally. We strongly advise to install Node Version Manager and use the latest LTS version of Node.
License
Mobicoop V3 - Auth Service is AGPL licensed.