/auth-system

Primary language: Go

A user authentication service that lets users log in with an email/phone and password combination and receive a short-lived access token, which grants access to authenticated routes in other services (those services are out of scope for this project, but think about the use cases).

Outline

Features to be implemented

  1. Registration - optional; the service can run with users already populated in the DB. If you decide to implement it, mock any verification process, e.g. email/phone verification.
  2. Login
  3. Access & Refresh Tokens - upon successful login the user receives an access token (short-lived) and a refresh token (relatively long-lived; it can be used to avoid forcing the user to log in each time an access token expires).
  4. JWT tokens are preferable.
  5. Verify Token - endpoint to verify an access token. A verified access token returns the user's profile, role, permissions, etc.
  6. New Access Token - endpoint to acquire a new access token using the refresh token generated upon login.
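
The token behaviour listed in items 3 to 6, as an added example that is not code from this project: HS256 JWTs issued and verified with the Go standard library only. The `typ` claim, the function names and the demo key are assumptions; the example shows the two checks a verify endpoint needs beyond the signature, namely that the algorithm is pinned rather than read from the token and that a refresh token is never accepted where an access token is expected.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

type Claims struct { // assumed claim set; the project's own is not shown on the page
	Sub   string   `json:"sub"`
	Roles []string `json:"roles"`
	Typ   string   `json:"typ"` // "access" or "refresh"
	Exp   int64    `json:"exp"`
}

var header = base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) // fixed; alg is never read from a token

func sign(key []byte, msg string) string {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(msg))
	return base64.RawURLEncoding.EncodeToString(m.Sum(nil))
}

// Issue signs a token of type typ ("access" or "refresh") that expires ttl after now.
func Issue(key []byte, sub, typ string, roles []string, ttl time.Duration, now time.Time) string {
	body, _ := json.Marshal(Claims{sub, roles, typ, now.Add(ttl).Unix()})
	msg := header + "." + base64.RawURLEncoding.EncodeToString(body)
	return msg + "." + sign(key, msg)
}

// Verify checks the header and signature before parsing, then expiry and token type.
func Verify(key []byte, tok, wantTyp string, now time.Time) (c Claims, err error) {
	p := strings.Split(tok, ".")
	if len(p) != 3 || p[0] != header || !hmac.Equal([]byte(sign(key, p[0]+"."+p[1])), []byte(p[2])) {
		return c, fmt.Errorf("bad header or signature")
	}
	raw, err := base64.RawURLEncoding.DecodeString(p[1])
	if err != nil || json.Unmarshal(raw, &c) != nil || now.Unix() >= c.Exp || c.Typ != wantTyp {
		return Claims{}, fmt.Errorf("malformed, expired or wrong token type")
	}
	return c, nil
}

func main() {
	fmt.Println(Issue([]byte("constructed-demo-key"), "reader.user1@testmail.com", "access", []string{"Reader"}, 15*time.Minute, time.Now()))
}
```

A "New Access Token" handler built on this would call `Verify(key, tok, "refresh", now)` and, on success, `Issue` a fresh access token with roles reloaded from the database.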

Service Diagram

Run Instructions

Dockerized services and the ports they run on

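| Service    | Type        | Docker Port | Host Port |
|------------|-------------|-------------|-----------|
| authsvc    | Web         | 8080        | 8080      |
| authdb     | Database    | 3306        | 3320      |
| tokencache | Cache       | 6379        | 3321      |
| smtpmock   | Mail Server | 1025        | 1025      |
| smtpmock   | Web UI      | 8025        | 8025      |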

Postman collection and Endpoints

Import the URL (https://www.getpostman.com/collections/f4dc6a39771cb8945120) into Postman to get the API collection. Please follow the link to know more.

Check the endpoints here

Pre-populated data

The following users, roles and their permissions are added to AuthDB on `docker-compose up`.

Users

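| No | Email                     | Password             | Roles  |
|----|---------------------------|----------------------|--------|
| 01 | admin.user@testmail.com   | `_LaRa08CRoft`       | Admin  |
| 02 | author.user1@testmail.com | `_GOllum#!`          | Author |
| 03 | reader.user1@testmail.com | `bUfo_MelanOst!ktus` | Reader |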

Roles and permissions

| No | Roles  | Permissions                              |
|----|--------|------------------------------------------|
| 01 | Admin  | GetPost, AddPost, UpdatePost, DeletePost |
| 02 | Author | GetPost, AddPost, UpdatePost             |
| 03 | Reader | GetPost                                  |