# Mobicoop V3 - Auth Service
Authentication (AuthN) and Authorization (AuthZ) data management.
## Requirements
You need [Docker](https://docs.docker.com/engine/) and [Docker-compose](https://docs.docker.com/compose/).
A RabbitMQ instance is also required to send / receive messages when data has been inserted/updated/deleted.
## Installation
Copy `.env.dist` to `.env` :
```bash
cp .env.dist .env
```
and modify it to suit your needs.
Then execute :
```bash
docker-compose up -d
```
The app starts automatically and listens on the port defined by `SERVICE_PORT` in the `.env` file (default : _5002_).
## Database migration
Before using the app, you need to launch the database migration :
```bash
docker exec v3_user sh -c "npx prisma migrate dev"
```
## Usage
The app is used for authentication (aka AuthN) and authorization (aka AuthZ : _to be developed_).
AuthN consists of verifying a username / password pair. A user can have multiple usernames (representing multiple identifiers), all of them sharing the same password. In the app, all the authentication information about a user is called an _auth_. As of 2022/10/23, the possible identifiers are :
- an email
- a phone number
Note that all usernames are unique in the system : two users can't share the same email or phone number.
For AuthN, the app exposes the following [gRPC](https://grpc.io/) services :
- **Create** : create an auth with one username / password (you can't create multiple usernames at once)
```json
{
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
"username": "john.doe@email.com",
"password": "John123",
"type": "EMAIL"
}
```
- **AddUsername** : add a username to an auth
```json
{
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
"username": "+33611223344",
"type": "PHONE"
}
```
- **UpdateUsername** : update a username
```json
{
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
"username": "johnny.doe@email.com",
"type": "EMAIL"
}
```
- **DeleteUsername** : delete a username (an error is thrown if it's the only username of an auth, as an auth **must** have at least one associated username)
```json
{
"username": "+33611223344"
}
```
- **UpdatePassword** : update the password of an auth
```json
{
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
"password": "Johnny123"
}
```
- **Validate** : validate an auth (= authentication with username/password)
```json
{
"username": "john.doe@email.com",
"password": "Johnny123"
}
```
- **Delete** : delete an auth and its associated usernames
```json
{
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae"
}
```
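The AuthN rules described above (one password per auth, globally unique usernames, at least one username per auth), modeled in memory as an added example; this is not the project's code. The `AuthStore` class, its method names, the error messages and the scrypt password hashing are assumptions, since this README does not say how passwords are stored.

```javascript
// Added example: in-memory model of the auth rules in this README.
// AuthStore, its method names and scrypt hashing are assumptions, not project code.
const { randomBytes, scryptSync, timingSafeEqual } = require('node:crypto');

const hash = (password, salt) => scryptSync(password, salt, 32);
// Constructed dummy record so unknown usernames cost the same as known ones.
const DUMMY = { salt: randomBytes(16), digest: randomBytes(32) };

class AuthStore {
  constructor() {
    this.auths = new Map(); // uuid -> { salt, digest }: one password per auth
    this.usernames = new Map(); // username -> { uuid, type }: globally unique
  }
  #assertFree(username) {
    if (this.usernames.has(username)) throw new Error('username already in use');
  }
  create(uuid, username, password, type) {
    if (this.auths.has(uuid)) throw new Error('auth already exists');
    this.#assertFree(username);
    const salt = randomBytes(16);
    this.auths.set(uuid, { salt, digest: hash(password, salt) });
    this.usernames.set(username, { uuid, type });
  }
  addUsername(uuid, username, type) {
    if (!this.auths.has(uuid)) throw new Error('unknown auth');
    this.#assertFree(username);
    this.usernames.set(username, { uuid, type });
  }
  deleteUsername(username) {
    const entry = this.usernames.get(username);
    if (!entry) throw new Error('unknown username');
    const owned = [...this.usernames.values()].filter((u) => u.uuid === entry.uuid);
    if (owned.length === 1) throw new Error('auth must keep at least one username');
    this.usernames.delete(username);
  }
  validate(username, password) {
    const entry = this.usernames.get(username);
    const auth = entry ? this.auths.get(entry.uuid) : DUMMY;
    const ok = timingSafeEqual(hash(password, auth.salt), auth.digest);
    return entry && ok ? entry.uuid : null; // same answer for both failure modes
  }
}

// Constructed sample data, reusing the values shown in the payloads above.
const store = new AuthStore();
store.create('30f49838-3f24-42bb-a489-8ffb480173ae', 'john.doe@email.com', 'John123', 'EMAIL');
store.addUsername('30f49838-3f24-42bb-a489-8ffb480173ae', '+33611223344', 'PHONE');
console.log(store.validate('+33611223344', 'John123')); // the auth's uuid
```

Returning the same `null` for an unknown username and for a wrong password keeps the Validate response from revealing which emails or phone numbers are registered.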
## Messages
Various RabbitMQ messages are sent for logging purposes.
## Test
```bash
# unit tests
docker exec v3_user sh -c "npm run test"
# test coverage
docker exec v3_user sh -c "npm run test:cov"
```
Note : you can run all npm commands directly _outside_ the container (see the _scripts_ section of `package.json` for available commands), but you need NodeJS installed locally. We **strongly** advise installing [Node Version Manager](https://github.com/nvm-sh/nvm) and using the latest LTS version of Node.
## License
Mobicoop V3 - Auth Service is [AGPL licensed](LICENSE).