A Node.js Authentication Microservice
This project is a lightweight authentication microservice. It mainly implements two functionalities:
- A sign up route responsible for storing an email-password pair into a MySQL database.
- A log in route responsible for retrieving an email-password pair from the database, and generating an access token.
The Router Layer contains the API routes of the application. It is responsible for parsing and validating the payload of incoming requests, forwarding the parsed data to the Service Layer, and translating the result of the call into a valid HTTP response before sending it back to the client.
The Service Layer is located between the Router Layer and the Data Access Layer. It is agnostic to any transport mechanism, which means it can receive data from multiple sources and still process it properly. The Service Layer contains the Business Logic of the microservice.
The Data Access Layer is responsible for performing input/output operations outside of the application’s boundaries, such as communicating with the database.
- Signup
- Login
- Validation
- Custom Error
- Unit tests with Jest
- API documentation with Swagger
To run the project you need to have the following installed on your machine:
- Node.js
- Docker
First: Clone the Git repository
$ git clone https://github.com/evilpaper/nightcake
Second: Install the dependencies
$ cd project && npm install
To run the project you must first add environment variables in the config directory.
Example (development):
SERVER_PORT=3000
JWT_SECRET="the-jwt-secret"
DATABASE_NAME=authentication
DATABASE_USER=admin
DATABASE_PASSWORD=admin
DATABASE_HOST=localhost
DATABASE_PORT=3306
DATABASE_DIALECT=mysql
DATABASE_LOGGING=TRUE
DATABASE_SYNC=TRUE
To run the server in development mode, first create and run a Docker container for the MySQL database:
$ docker run -d -p 3306:3306 \
-e MYSQL_ROOT_PASSWORD=root \
-e MYSQL_DATABASE=authentication \
-e MYSQL_USER=admin \
-e MYSQL_PASSWORD=admin \
mysql:8
You can validate that the container is up and running by using:
$ docker ps
When the container is up, start the service with:
$ npm run dev
To run the unit tests:
$ npm run test-unit
Once the service is running you can test the endpoints with curl.
$ curl -i -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'email=user&password=papasmurf' \
127.0.0.1:3000/auth/login
$ curl -i -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'email=user&password=papa' \
127.0.0.1:3000/auth/login
$ curl -i -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d '[email protected]&password=clumsysmurf' \
127.0.0.1:3000/auth/login
$ curl -i -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d '[email protected]&password=clumsysmurf' \
127.0.0.1:3000/auth/signup
$ curl -i -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d '[email protected]&password=clumsysmurf' \
127.0.0.1:3000/auth/signup
$ curl -i -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d '[email protected]&password=clumsysmurf' \
127.0.0.1:3000/auth/login
The service should return HTTP 403 (Forbidden) when /me is requested without being logged in (that is, without an accessToken).
$ curl -i 127.0.0.1:3000/me
- Set accessToken on login
- Add protected route /logout that deletes the accessToken
- Add protected route /me that returns the user's information
- refreshToken
- JWT token has an invalid signature. Resolved: the secret should start out as a plain-text string. If it is in Base64-encoded format, we need to decode it first.
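The signature mismatch described in the note above, as an added example (not code from this project): a minimal HS256 signer and verifier built only on Node's crypto module, showing that a token signed with the Base64-decoded secret fails verification when the verifier uses the encoded text itself as the key. The secret value and the names signHS256, verifyHS256 and demo are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');

// Sign a payload with HS256. `key` is the raw HMAC key (string or Buffer).
function signHS256(payload, key) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac('sha256', key).update(`${header}.${body}`).digest();
  return `${header}.${body}.${b64url(sig)}`;
}

// Verify a token; returns the payload, or null on any format or signature problem.
function verifyHS256(token, key) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, body, sig] = parts;
  try {
    const { alg } = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
    if (alg !== 'HS256') return null; // pin the algorithm, never trust the header
    const expected = crypto.createHmac('sha256', key).update(`${header}.${body}`).digest();
    const given = Buffer.from(sig, 'base64url');
    // Constant-time comparison; lengths must match before timingSafeEqual.
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    return JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  } catch {
    return null;
  }
}

// Constructed sample: the secret as it might be stored in Base64-encoded form.
const storedSecret = Buffer.from('the-jwt-secret').toString('base64');

function demo() {
  // The issuer decodes the stored value and signs with the decoded bytes.
  const token = signHS256({ sub: 'user' }, Buffer.from(storedSecret, 'base64'));
  return {
    // Verifier uses the encoded text as the key: different key bytes, so null.
    rawString: verifyHS256(token, storedSecret),
    // Verifier decodes first: same key bytes, so the payload is returned.
    decoded: verifyHS256(token, Buffer.from(storedSecret, 'base64')),
  };
}
```

Both sides must derive the HMAC key from the secret in the same way; a verifier that silently accepts either form would be checking against two different keys.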
You can access the API documentation at: http://127.0.0.1:3000/docs
- Pelle Lundgren
- Razvan Ludosanu
MIT