134 lines
3.3 KiB
Markdown
134 lines
3.3 KiB
Markdown
# Mobicoop V3 - Auth Service
|
|
|
|
Authentication (AuthN) and Authorization (AuthZ) data management.
|
|
|
|
## Requirements
|
|
|
|
You need [Docker](https://docs.docker.com/engine/) and [Docker-compose](https://docs.docker.com/compose/).
|
|
|
|
A RabbitMQ instance is also required to send / receive messages when data has been inserted/updated/deleted.
|
|
|
|
## Installation
|
|
|
|
Copy `.env.dist` to `.env` :
|
|
|
|
```bash
|
|
cp .env.dist .env
|
|
```
|
|
|
|
and modify it to suit your needs.
|
|
|
|
Then execute :
|
|
|
|
```bash
|
|
docker-compose up -d
|
|
```
|
|
|
|
The app runs automatically on the port defined in `SERVICE_PORT` of `.env` file (default : _5002_).
|
|
|
|
## Database migration
|
|
|
|
Before using the app, you need to launch the database migration :
|
|
|
|
```bash
|
|
docker exec v3_user sh -c "npx prisma migrate dev"
|
|
```
|
|
|
|
## Usage
|
|
|
|
The app is used for authentication (aka AuthN) and authorization (aka AuthZ : _to be developped_).
|
|
|
|
AuthN consists in verifying a username / password couple. A user can have multiple usernames (representing multiple identifiers), all of them sharing the same password. In the app, all the authentication information about a user is called an _auth_. As of 2022/10/23, the possible identifiers are :
|
|
|
|
- an email
|
|
- a phone number
|
|
|
|
Note that all usernames are unique in the system : many users can't have the same email or phone number.
|
|
|
|
For AuthN, the app exposes the following [gRPC](https://grpc.io/) services :
|
|
|
|
- **Create** : create an auth with one username / password (you can't create multiple usernames at once)
|
|
|
|
```json
|
|
{
|
|
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
|
|
"username": "john.doe@email.com",
|
|
"password": "John123",
|
|
"type": "EMAIL"
|
|
}
|
|
```
|
|
|
|
- **AddUsername** : add a username to an auth
|
|
|
|
```json
|
|
{
|
|
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
|
|
"username": "+33611223344",
|
|
"type": "PHONE"
|
|
}
|
|
```
|
|
|
|
- **UpdateUsername** : update a username
|
|
|
|
```json
|
|
{
|
|
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
|
|
"username": "johnny.doe@email.com",
|
|
"type": "EMAIL"
|
|
}
|
|
```
|
|
|
|
- **DeleteUsername** : delete a username (an error is thrown if it's the only username of an auth, as an auth **must** have at least one associated username)
|
|
|
|
```json
|
|
{
|
|
"username": "+33611223344"
|
|
}
|
|
```
|
|
|
|
- **UpdatePassword** : update the password of an auth
|
|
|
|
```json
|
|
{
|
|
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae",
|
|
"password": "Johnny123"
|
|
}
|
|
```
|
|
|
|
- **Validate** : validate an auth (= authentication with username/password)
|
|
|
|
```json
|
|
{
|
|
"username": "john.doe@email.com",
|
|
"password": "Johnny123"
|
|
}
|
|
```
|
|
|
|
- **Delete** : delete an auth and its associated usernames
|
|
|
|
```json
|
|
{
|
|
"uuid": "30f49838-3f24-42bb-a489-8ffb480173ae"
|
|
}
|
|
```
|
|
|
|
## Messages
|
|
|
|
Various RabbitMQ messages are sent for logging purpose.
|
|
|
|
## Test
|
|
|
|
```bash
|
|
# unit tests
|
|
docker exec v3_user sh -c "npm run test"
|
|
|
|
# test coverage
|
|
docker exec v3_user sh -c "npm run test:cov"
|
|
```
|
|
|
|
Note : you can run all npm commands directly _outside_ the container (see _scripts_ section of `package.json` for available commands), but you need NodeJS installed locally. We **strongly** advise to install [Node Version Manager](https://github.com/nvm-sh/nvm) and use the latest LTS version of Node.
|
|
|
|
## License
|
|
|
|
Mobicoop V3 - Auth Service is [AGPL licensed](LICENSE).
|