Mobicoop V3 authentication and authorization service
Go to file
Gsk54 4fd4d7e13d remove pgadmin 2022-12-26 09:42:49 +01:00
prisma multiple usernames 2022-12-20 17:37:59 +01:00
src send logging messages 2022-12-23 15:49:09 +01:00
.dockerignore remove pgadmin 2022-12-26 09:42:49 +01:00
.editorconfig initial commit 2022-12-15 10:59:45 +01:00
.env.dist remove pgadmin 2022-12-26 09:42:49 +01:00
.eslintrc.js initial commit 2022-12-15 10:59:45 +01:00
.gitignore remove pgadmin 2022-12-26 09:42:49 +01:00
.prettierrc initial commit 2022-12-15 10:59:45 +01:00
Dockerfile initial commit 2022-12-15 10:59:45 +01:00
LICENSE initial commit 2022-12-15 10:59:45 +01:00
README.md update readme 2022-12-23 16:10:42 +01:00
docker-compose.yml remove pgadmin 2022-12-26 09:42:49 +01:00
nest-cli.json initial commit 2022-12-15 10:59:45 +01:00
package-lock.json update and delete via message broker 2022-12-22 14:31:46 +01:00
package.json update and delete via message broker 2022-12-22 14:31:46 +01:00
tsconfig.build.json initial commit 2022-12-15 10:59:45 +01:00
tsconfig.json initial commit 2022-12-15 10:59:45 +01:00

README.md

Mobicoop V3 - Auth Service

Authentication (AuthN) and Authorization (AuthZ) data management.

Requirements

You need Docker and Docker-compose.

A RabbitMQ instance is also required to send / receive messages when data has been inserted/updated/deleted.

Installation

Copy .env.dist to .env :

cp .env.dist .env

and modify it to suit your needs.

Then execute :

docker-compose up -d

The app runs automatically on the port defined in SERVICE_PORT of .env file (default : 5002).

You then need to set the appropriate rights for PGAdmin container :

sudo chown -R 5050:5050 postgresql/.pgadmin_data

Database migration

Before using the app, you need to launch the database migration :

docker exec v3_user sh -c "npx prisma migrate dev"

Usage

The app is used for authentication (aka AuthN) and authorization (aka AuthZ : to be developped).

AuthN consists in verifying a username / password couple. A user can have multiple usernames (representing multiple identifiers), all of them sharing the same password. In the app, all the authentication information about a user is called an auth. As of 2022/10/23, the possible identifiers are :

  • an email
  • a phone number

Note that all usernames are unique in the system : many users can't have the same email or phone number.

For AuthN, the app exposes the following gRPC services :

  • Create : create an auth with one username / password (you can't create multiple usernames at once)

    {
        "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
        "username": "john.doe@email.com",
        "password": "John123",
        "type": "EMAIL"
    }
    
  • AddUsername : add a username to an auth

    {
        "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
        "username": "+33611223344",
        "type": "PHONE"
    }
    
  • UpdateUsername : update a username

    {
        "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
        "username": "johnny.doe@email.com",
        "type": "EMAIL"
    }
    
  • DeleteUsername : delete a username (an error is thrown if it's the only username of an auth, as an auth must have at least one associated username)

    {
        "username": "+33611223344"
    }
    
  • UpdatePassword : update the password of an auth

    {
        "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
        "password": "Johnny123"
    }
    
  • Validate : validate an auth (= authentication with username/password)

    {
        "username": "john.doe@email.com",
        "password": "Johnny123"
    }
    
  • Delete : delete an auth and its associated usernames

    {
        "uuid": "30f49838-3f24-42bb-a489-8ffb480173ae"
    }
    

Messages

Various RabbitMQ messages are sent for logging purpose.

Test

# unit tests
docker exec v3_user sh -c "npm run test"

# test coverage
docker exec v3_user sh -c "npm run test:cov"

Note : you can run all npm commands directly outside the container (see scripts section of package.json for available commands), but you need NodeJS installed locally. We strongly advise to install Node Version Manager and use the latest LTS version of Node.

License

Mobicoop V3 - Auth Service is AGPL licensed.