This project is an Identity and Access Management (IAM) solution focused on token-based authentication and authorization. The goal of this software is to securely provide access to protected user resources over a REST API.
- /api/auth
  - GET - Refresh Token *
  - POST - Login
  - PUT - Reset Password *
  - PATCH - Recover Account
  - DELETE - Delete Account *
- /api/user
  - GET - Profile *
  - POST - Create User
  - PUT - Update Profiles *
  - PATCH - Update Email *
  - DELETE - Deactivate User *
- /api/validate
  - /confirmation
    - POST - Confirm User Confirmation
    - PUT - Re-send User Confirmation
  - /recovery
    - POST - Password Reset for Account Recovery
- /confirmation
- /status - Server healthcheck
- /env - Application metadata
* - Requires auth token
I would recommend developing within a virtualenv, preferably via virtualenvwrapper.
Install application dependencies:
pip install -r requirements.txt
Run tests:
pytest
Or more stringently:
python -m pytest tests/
- Configure test options in pytest.ini
Start application in development mode:
flask run
Initialize database migrations:
flask db init
Generate new migrations:
flask db migrate
Upgrade and downgrade the schema using:
flask db upgrade
flask db downgrade
To use the most recent migration (preferred):
flask db stamp head
flask db upgrade
- Mailtrap is preferred for development and API testing.
Update the SMTP server parameters in .env for development and testing.
For staging and production, use any SMTP service of your choice; just set the SMTP server parameters in their respective environment keys.
- Reference .env for the appropriate keys.
- Insomnia is required for API testing.
Import api.json and use the Testing environment.
To generate validation tokens for emulating email-based confirmation, use:
flask generate --validation-token <email>
- Docker is required for staging
Build or start the staging environment using:
docker-compose build
docker-compose up
NOTE: Staging is the preferred environment for frontend development; be sure to configure CLIENT_ORIGIN in docker-compose.yml.
Docker on Windows utilizes a local virtual machine for networking, which can make accessing exposed ports difficult. First, start the virtual host, then locate the host's IP address:
docker-machine start
echo %DOCKER_HOST%
If you are using MinGW or happen to have grep installed, run the following command after starting the host:
docker-machine inspect | grep IPAddress
Then test access to the container. After docker-compose up, use the IP address from the previous step:
curl http://<docker-machine-ip>:5000/api/auth
You should receive a JSON response from the Dockerized API.
- This codebase supports deployment over Heroku
This project is licensed under the MIT License; see the LICENSE.md file for details.