Go to file
2024-02-11 17:01:25 +01:00
db Protected POST /account and fixed with JWT stuff in general 2021-01-03 18:21:42 +01:00
src Dependency updates etc 2024-02-11 17:01:25 +01:00
tests New version yo 2023-05-10 22:35:38 +02:00
.dockerignore Minor stuff 2022-01-22 15:35:58 +01:00
.drone.yml Clean-up after drone pipelines 2023-05-16 22:54:02 +02:00
.env_example Updating versions and changing log system 2023-02-20 23:54:02 +01:00
.gitignore Latest udpates 2021-12-10 23:09:57 +01:00
docker-compose.yml Disable external port for postgres 2023-05-16 22:50:17 +02:00
Dockerfile Reworking stuff 2023-05-08 15:29:19 +02:00
Dockerfile.migrations Reworking stuff 2023-05-08 15:29:19 +02:00
go.mod Dependency updates etc 2024-02-11 17:01:25 +01:00
go.sum Dependency updates etc 2024-02-11 17:01:25 +01:00
LICENSE Added license and upgraded postgres 2022-02-18 19:27:02 +01:00
README.md New version yo 2023-05-10 22:35:38 +02:00

Auth API

A tiny REST API for auth. Register accounts, auth with api-key or name/password, renew JWT tokens...

Quick start with docker compose

Migrate database: docker-compose run --rm db-migrations

Start the API (on port 4000 by default): docker-compose up -d

Point your browser to http://localhost:4000 to view the swagger API documentation.

Admin account

On first startup with a clean database, an account with name "admin" and the field "role" with a value "admin" is created with no password, using the API Key from ADMIN_API_KEY in the .env file.

Special account field: "role"

The account field "role" is a bit special, in that if it contains "admin" as one of its values, that grants access to all methods on all accounts on this service. It might be a good idea to use the field "role" for authorization throughout your services.

Tests

Run integration tests (Requires migrated database and started API): docker-compose run --rm tests

Deploy a new version

Everytime a push is done, tests are ran on Drone. To deploy a new version to Dockerhub, create a new tag (USE SEMVER!!!).

Some useful cURLs

Obtain an admin GWT: curl -d '"api-key-goes-here"' -H "Content-Type: application/json" -i http://localhost:4000/auth/api-key

Use a bearer token to make a call: curl -H "Content-Type: application/json" -H "Authorization: bearer your-JWT-token-goes-here" -i http://localhost:4000/accounts/{accountID}

Create account: curl -d '{"name": "Bosse", "password": "Hemligt", "fields": [{ "name":"role", "values":["user"]}]}' -H "Content-Type: application/json" -H "Authorization: bearer your-JWT-token-goes-here" -i http://localhost:4000/account

Development

For local development, run with .env like: eval $(cat .env) go run src/main.go

To regenerate the swagger docs folder:

  1. Make sure you have swag installed: https://github.com/swaggo/swag
  2. cd src && swag init