Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
223 lines (127 sloc) 6.21 KB

Auth Server


auth_server is a node application acting as an authentication and portable contact server. It uses mongodb as DB.

It's a part of a project named turbulences for creating a distributed social network.

Based on oauth2_client_node and oauth2_server_node, it follows the draft 10 of the OAuth2 specification. As these projects evolve, auth_server will follow the OAuth2 specification evolutions.

The benefits are multiple:

  • there is only one application where Alice has to be registered (and so one set of credentials per user);
  • when developing a new application, there is no need to recreate all user registration process stuff, but only to plug the application to auth_server;

auth_server is functionnal (ie: users can sign in/out the the application and others applications using the service), but the administration interface lacks many features, including adding/editing user's contacts.

This project is alpha software, it might not be ready for production use yet.

Similar projects

auth_server is developed together with:



Make sure gettext (xgettext and msgfmt) are installed on your system, then:

make install
make update_js_templates

Run the tests

Make sure nodetk/bins is in your PATH environment variable and NODE_PATH environment variable includes node/lib directory. For more info on this, please have a look at the nodetk README file. (looks like 'npm install .' in vendor/nodetk should do the trick) Then:

nodetests src/tests

Updating templates

When updating the templates, they need to be "repackaged" for the web application. This can be done doing:

make update_js_templates

or, to skip the i18n process:

make skip

Load some testing data in DB

This command will load some testing data in the DB:

node src/scripts/load_data.js

Running the server

Tweak the config.js file to fit your needs, then:

node src/server.js


auth_server uses many other projects, including:

Projects and organizations using auth_server

A wiki page lists the projects and organizations using auth_server. Don't hesitate to edit it.



Obtaining End-User Authorization


Obtaining an Access Token



List clients

GET /clients

Create client

POST /clients

Update client

PUT /clients/:id

Delete client

DELETE /clients/:id

List users

GET /users

Update user password

POST /me/password

Portables contacts

We follow the the current specification of portables contacts.

All filtering/sorting are not available.

Example of a portable contact record:

  "displayName": "Foo Bar",
  "name": {
   "familyName": "Foo",
   "givenName": Bar"
  "id": "XXXX"

Get current user

GET /portable_contacts/@me/@self

$ curl --header "Authorization: OAuth TOKEN" /portable_contacts/@me/@self

Get all contacts from current user

GET /portable_contacts/@me/@all

$ curl --header "Authorization: OAuth TOKEN" /portable_contacts/@me/@all

Get one contact from current user

GET /portable_contacts/@me/@all/:id

$ curl --header "Authorization: OAuth TOKEN" /portable_contacts/@me/@all/:id

Create a contact

POST /portable_contacts/@me/@all

$ curl -X POST --header "Content-Type: application/json" --header "Authorization: OAuth TOKEN" /portable_contacts/@me/@all --data-binary @portable_contact.json

Update a contact

PUT /portable_contacts/@me/@all/:id

$ curl -X PUT --header "Content-Type: application/json" --header "Authorization: OAuth TOKEN" /portable_contacts/@me/@all/:id --data-binary @portable_contact.json

Delete a contact

DELETE /portable_contacts/@me/@all/:id

$ curl -X DELETE --header "Authorization: OAuth TOKEN" /portable_contacts/@me/@all/:id


  • 0.1.3

    Upgrade to mongoskin for the model layer.

  • 0.1.2

    Update doc and Makefile with latest change of npm.

    Fix index creation on mongodb.

  • 0.1.1

    Fix typo.

  • 0.1.0

    Remove authorizations.

    Add portable contacts api.

    Updated many dependencies.


(c) 2011 af83

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU Affero General Public License along with this program. If not, see