search

TKOaly / user-service

User service for TKO-äly
MIT License
4 stars 3 forks source link
authentication docker knex microservice mocha scss tkoaly typescript

readme

TKO-äly user service

Maintainer

Build status (master)

Test coverage (master) codecov

Test coverage (dev) codecov

license

devDependencies dependencies

TypeScript GitHub top language

contributions welcome GitHub pull requests GitHub issues

Microservice for authenticating users of members.tko-aly.fi.

Documentation

Documentation generated by Typedoc here

Installation instructions

  1. Clone the repo

(Optional: Run nvm install and nvm use to install the correct Node version. This requires Node Version Manager (NVM) to be installed)

  1. Run yarn install
  2. Copy .env.example to .env and set environment variables
  3. Run yarn test to run unit & API tests. Run yarn browser-test to run E2E tests.
  4. Run yarn start or `yarn watch``

Updating package-lock.json for production

The Dockerfile uses npm (and our very specific package-lock.json configuration).
Make sure to run npm install before pushing, if you have new dependencies.

Pushing to TKO-äly's Docker registry

  1. Clone the repo
  2. Copy .env.deploy.example to .env.deploy and set your Docker credentials
  3. Run chmod +x ./deploy-container.sh and after that, run ./deploy-container.sh

This will build the image and push it to registry.tko-aly.fi Docker registry.

Docker

  1. docker-compose up -d. Now you can check adminer http://localhost:8081 (uname: root, pw: unsecure). The service is running at http://localhost:8080.
  2. docker-compose run web yarn migrate.
  3. docker-compose run web yarn seed.
  4. Boom, you should be ready to tyckittää.

Endpoints

GET /?serviceIdentifier={service identifier}

Shows the user a login form, that authenticates to a service identified by the service identifier. If the user is already authenticated to the service, the form will redirect the user to the service specified.

Login page

If the user does not input a service identifier, the following view is shown:

Missing service identifier page

If the login fails, the following view is shown:

Login error page

After clicking login, the user is redirected to the permission prompt page:

Permission page

POST /api/auth/requestPermissions

Authenticates a user with username, password and a service identifier. It returns a authorization token which can be used to fetch user information.

Example of form POST body:

{
  "username": "hugeli",
  "password": "1234",
  "serviceIdentifier": "12a0058d-f9aa-1e22-b01a-6025700dab1f"
}

The response of this request is a form verifying what user information is used in that service (services are identified by an unique service idenfitier.)

GET /api/users/me?dataRequest={data request bitfield}

The dataRequest query parameter is required. It is a bitfield which values are 2 ^ the User model's attribute index.

If I wan't to get the id, name and email of a user, I do Math.pow(2, 0) | Math.pow(2, 2) | Math.pow(2, 4), then insert that value into the dataRequest query. It would return:

Example response:

{
  "ok": true,
  "message": "Success",
  "payload": {
    "id": 420,
    "name": "Bob John",
    "email": "asd@asd.com"
  }
}