/uas-go

This Golang microservice offers secure user authentication for your applications



User Authentication Microservice


Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. Roadmap
  5. Contributing
  6. License
  7. Contact

About The Project

This Golang microservice offers secure user authentication for your applications. It supports email/password login and can be extended to include additional methods like OTP or magic link login.


Features

  • User Registration/Login with Email and Password
  • Email/Password Login
  • Secure Password Hashing (bcrypt)
  • JSON Web Token (JWT) based Authentication

Built With

  • Bcrypt
  • Docker
  • Golang
  • JSON Web Token
  • MySQL


Getting Started

To get a local copy up and running follow these simple steps.

Prerequisites

  • Docker
  • Golang 1.21 or higher
  • MySQL 5.7 or higher

Installation

  1. Clone the repo
     git clone https://github.com/conceptcodes/uas-go.git
  2. Install the dependencies and create an .env file in the root directory. Copy the contents of the .env.example file and replace the values with your own.
     go mod download
     cp .env.example .env
  3. Run the migrations
     make migrate
  4. Start the server
     make start
  5. The server should now be running on http://localhost:8080


Usage

Health Check

curl -X GET \
  https://localhost:8080/api/v1/health
{
  "status": "ok"
}

Onboard a new Tenant

This action will add an authorization header to the response. All subsequent requests must include a base64-encoded authorization header. This header value is generated by combining your department ID and service secret, separated by a colon. This allows the service to authenticate the tenant and authorize requests.

curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "departmentName": "Department Name",
    "departmentId": "c4c2fab4-0a4f-4f8d-924c-611aa4af2fe2"
  }' \
  https://localhost:8080/api/v1/tenants
{
  "id": "",
  "departmentName": "Department Name",
  "departmentId": "826dad3c-ae6d-4603-8190-730cad295035"
}
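
The header value described above, built on the client and checked on the server, as an added example that is not code from the uas-go repository. The function names, the tenant lookup and the sample secret are assumptions; the page does not say whether a scheme prefix precedes the value, so none is used here.

```go
package main

import (
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// EncodeTenantAuth builds base64("<departmentId>:<serviceSecret>").
// Hypothetical helper name, not taken from the project.
func EncodeTenantAuth(departmentID, serviceSecret string) string {
	return base64.StdEncoding.EncodeToString([]byte(departmentID + ":" + serviceSecret))
}

// ParseTenantAuth decodes a header value and splits at the FIRST colon only,
// so a secret that itself contains ':' survives intact.
func ParseTenantAuth(value string) (departmentID, secret string, err error) {
	raw, err := base64.StdEncoding.DecodeString(strings.TrimSpace(value))
	if err != nil {
		return "", "", errors.New("authorization value is not valid base64")
	}
	id, sec, ok := strings.Cut(string(raw), ":")
	if !ok || id == "" || sec == "" {
		return "", "", errors.New("expected <departmentId>:<serviceSecret>")
	}
	return id, sec, nil
}

// VerifyTenant checks a presented value against the tenant's stored secret.
// lookup is an assumed stand-in for the service's tenant store.
func VerifyTenant(value string, lookup func(id string) (string, bool)) bool {
	id, presented, err := ParseTenantAuth(value)
	if err != nil {
		return false
	}
	stored, found := lookup(id)
	// Constant-time comparison avoids leaking how many leading bytes matched.
	match := subtle.ConstantTimeCompare([]byte(presented), []byte(stored)) == 1
	return found && match
}

func main() {
	// Constructed sample secret; the department ID is the one in the request above.
	store := map[string]string{"c4c2fab4-0a4f-4f8d-924c-611aa4af2fe2": "s3cr:et-constructed"}
	lookup := func(id string) (string, bool) { s, ok := store[id]; return s, ok }
	h := EncodeTenantAuth("c4c2fab4-0a4f-4f8d-924c-611aa4af2fe2", "s3cr:et-constructed")
	fmt.Println(h, VerifyTenant(h, lookup))
}
```

Base64 is an encoding, not encryption: anyone who can read the request recovers the service secret, which is why the HTTPS item under Security Considerations applies to every call carrying this header.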

Register a new User

curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "strong_password",
    "name": "John Smith"
  }' \
  https://localhost:8080/api/v1/users/credential/register
{
  "id": "",
  "name": "John Smith",
  "email": "user@example.com"
}

Login (Credentials)

curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "strong_password"
  }' \
  https://localhost:8080/api/v1/users/credential/login
{
  "accessToken": "eyJhbGciNiIsInR5C...",
  "refreshToken": "eyJhbGciNiIsInR4C..."
}
The accessToken value is a JWT token string.

Login (OTP)

curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "phoneNumber": ""
  }' \
  https://localhost:8080/api/v1/users/otp/send
{
  "message": "OTP sent successfully"
}

Verify OTP

curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "phoneNumber": "",
    "otp": ""
  }' \
  https://localhost:8080/api/v1/users/otp/verify
{
  "accessToken": "eyJhbGciNiIsInR5C...",
  "refreshToken": "eyJhbGciNiIsInR5C..."
}

Refresh Token

curl -X POST \
  -H "Content-Type: application/json" \
  -H "Cookie: <access_token>" \
  https://localhost:8080/api/v1/users/refresh-token

Security Considerations

  • HTTPS for all communication.
  • Rate limiting for login attempts.
  • RBAC for user roles and permissions.

Roadmap

  • Add support for email verification
  • Add support for password reset
  • Add support for rate limiting
  • Add support for OTP login
  • Add support for magic link login
  • Add support for RBAC
  • Add support for audit logging