SSO Server

Live at azordev-auth.herokuapp.com

Features
Getting Started
Code Overview
Author
Contributing
Show your support
License

Features

Getting started

To get the Node server running locally:

Clone this repo
npm install to install all required dependencies
Install MongoDB Community Edition (instructions) and run it by executing mongod
npm run dev to start the local server

Code Overview

Dependencies

expressjs - The server for handling and routing HTTP requests
express-jwt - Middleware for validating JWTs for authentication
jsonwebtoken - For generating JWTs used by authentication
mongoose - For modeling and mapping MongoDB data to javascript

Application Structure

index.js - The entry point to our application. This file defines our express server and connects it to all the middlewares needed. It also requires the routes and models we'll be using in the application.
server/ - This folder contains configuration for the app as well as a central location for configuration/environment variables.
api/ - This folder contains the route definitions for our API.
service/ - This folder contains the schema definitions for our Mongoose models.

Error Handling

In api/v1/index.js, we define a error-handling middleware for handling Mongoose's ValidationError. This middleware will respond with a 422 status code and format the response to have error messages the clients can understand

Authentication

Requests are authenticated using the Authorization header with a valid JWT. We define two express middlewares in service/auth.js that can be used to authenticate requests. The required middleware configures the express-jwt middleware using our application's secret and will return a 401 status code if the request cannot be authenticated. The payload of the JWT can then be accessed from req.payload in the endpoint. The optional middleware configures the express-jwt in the same way as required, but will not return a 401 status code if the request cannot be authenticated.