An OIDC compliant extensible user authentication and authorization service that includes key features such as passwordless authentication and attribute based access control (ABAC). It is written in Nest JS & using Fusion Auth as the underlying service for all User Management related tasks.
- CRUD support for respective Fusion Auth Applications
- Authentication(Username/Password combo) for Fusion Auth Users
- Passwordless (OTP based) authentication
- RBAC support for the applications (Android, React Admin, etc.)
- CRUD supporting creation/updation of records on 3rd party Hasura using Generic Config
$ yarn installNote: This project is built on VSCode and would be developed only with this IDE in mind. The .vscode directory will be kept updated with all the VSCode magic 🧙♂️.
# development
$ yarn start
# watch mode
$ yarn start:dev
# debug mode
$ yarn start:debug
# production mode
$ yarn start:prodYou can use docker image directly for production environment setup. A sample docker-compose.yml file should look like:
version: "3"
services:
user-service:
image: samagragovernance/esamwad-user-service:latest
env_file:
- ./.env
ports:
- "3000:3000"
restart: always
# unit tests
$ yarn test
# e2e tests
$ yarn test:e2e
# test coverage
$ yarn test:cov
# test a single file
$ yarn run test:watch ./src/user/sms/gupshup/gupshup.service.spec.ts# open .env file
$ vi .env
# add your service info in below format
APP_application_id={"host": "dummy.com", "apiKey": "zse12344@#%ddsr", "encryption": {"enabled": true, "key": "veryhardkey"}, "hasura": {"graphql_url": "https://example.com/graphql", "admin_secret": "xxxx", "mutations": {"some_mutation_key": "mutation query..."}}}
# where apiKey, encryption.key and hasura is not mandatory
# Precedence will be given apiKey sent in Authorization header (Check swagger collection below for references)
# encryption.enabled provides option to encrypt username/password with the provided enrption.key before sending to the FA server.
# restart docker-compose
$ docker-compose down
$ docker-compose up -d --buildNote: In variable APP_application_id, "APP_" is the prefix and "application_id" is the UUID of Fusion Auth application with hyphen("-") replaced with underscore("_"). E.g. if application id is: 0000-0000-0000-0000 then the variable name must be: APP_0000_0000_0000_0000
| Variable | Description |
|---|---|
host |
Fusion Auth Host. e.g. http://localhost:9011 or http://example.com |
apiKey |
Fusion Auth API key to use for the Fusion Auth APIs being access via User Service. This key will be ignored if header Authorization header is passed in the request. |
encryption.enabled |
Boolean flag to enabled/disable encryption. |
encryption.key |
Encryption key. Must be passed if encryption.enabled is true. |
hasura.graphql_url |
Hasura Graphql URL for custom mutation calls to be made on hit of certain APIs. |
hasura.admin_secret |
Hasura Admin Secret. |
hasura.mutations |
A JSON object containing key: value; where key is the name of mutation & value contains the query/mutation for the Graphql call. |
Find here
Nest is MIT licensed.
This project was bootstrapped using Nest. Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support by the amazing backers. If you'd like to join them, please read more here.