/user-service

Additional Services related to user management in eSamwad

Primary LanguageTypeScriptMIT LicenseMIT

Docker Node.js CI Coverage Status Code Smells

Commitizen friendly

User Service

An OIDC compliant extensible user authentication and authorization service that includes key features such as passwordless authentication and attribute based access control (ABAC). It is written in Nest JS & using Fusion Auth as the underlying service for all User Management related tasks.

Features

  • CRUD support for respective Fusion Auth Applications
  • Authentication(Username/Password combo) for Fusion Auth Users
  • Passwordless (OTP based) authentication
  • RBAC support for the applications (Android, React Admin, etc.)
  • CRUD supporting creation/updation of records on 3rd party Hasura using Generic Config

Development

Installation

$ yarn install

Note: This project is built on VSCode and would be developed only with this IDE in mind. The .vscode directory will be kept updated with all the VSCode magic 🧙‍♂️.

Running the app

# development
$ yarn start

# watch mode
$ yarn start:dev

# debug mode
$ yarn start:debug

# production mode
$ yarn start:prod

Deployment

You can use docker image directly for production environment setup. A sample docker-compose.yml file should look like:

version: "3"

services:
  user-service:
    image: samagragovernance/esamwad-user-service:latest
    env_file:
      - ./.env
    ports:
      - "3000:3000"
    restart: always

Test

# unit tests
$ yarn test

# e2e tests
$ yarn test:e2e

# test coverage
$ yarn test:cov

# test a single file
$ yarn run test:watch ./src/user/sms/gupshup/gupshup.service.spec.ts

Add a sample service (Generic Config)

# open .env file
$ vi .env

# add your service info in below format
APP_application_id={"host": "dummy.com", "apiKey": "zse12344@#%ddsr", "encryption": {"enabled": true, "key": "veryhardkey"}, "hasura": {"graphql_url": "https://example.com/graphql", "admin_secret": "xxxx", "mutations": {"some_mutation_key": "mutation query..."}}}
# where apiKey, encryption.key and hasura is not mandatory
# Precedence will be given apiKey sent in Authorization header (Check swagger collection below for references)
# encryption.enabled provides option to encrypt username/password with the provided enrption.key before sending to the FA server.

# restart docker-compose
$ docker-compose down
$ docker-compose up -d --build

Note: In variable APP_application_id, "APP_" is the prefix and "application_id" is the UUID of Fusion Auth application with hyphen("-") replaced with underscore("_"). E.g. if application id is: 0000-0000-0000-0000 then the variable name must be: APP_0000_0000_0000_0000

JSON config

Variable Description
host Fusion Auth Host. e.g. http://localhost:9011 or http://example.com
apiKey Fusion Auth API key to use for the Fusion Auth APIs being access via User Service. This key will be ignored if header Authorization header is passed in the request.
encryption.enabled Boolean flag to enabled/disable encryption.
encryption.key Encryption key. Must be passed if encryption.enabled is true.
hasura.graphql_url Hasura Graphql URL for custom mutation calls to be made on hit of certain APIs.
hasura.admin_secret Hasura Admin Secret.
hasura.mutations A JSON object containing key: value; where key is the name of mutation & value contains the query/mutation for the Graphql call.

Postman Collection

Find here

License

Nest is MIT licensed.

Support

This project was bootstrapped using Nest. Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support by the amazing backers. If you'd like to join them, please read more here.