AuthPlus is lightweight, scalable, and secure hardware-based user authentication API.
AuthPlus makes it easy for developers to restrict their applications to specific target machines.
AuthPlus features:
- User authentication and management
- License generation and management
- Out of the box parameter validation
- HMAC (SHA256) response data encryption
- Built-in request ratelimiting
AuthPlus is built to be self-hosted and configured to users needs.
Ready to self-host AuthPlus?
-
Clone the repository with
git clone https://github.com/ayushgun/authplus
. -
Initialize a MongoDB cluster with a database titled
authentication
and two collections titledlicenses
andusers
. Set thedatabase_uri
inconfiguration/config.env
to the MongoDB connection URI. -
Generate a Fernet encryption key using this script. Set the
encryption_key
inconfiguration/config.env
to the generated Fernet encryption key. -
Set the
admin_password
andclient_password
inconfiguration/config.env
to two randomly generated passwords. These passwords are used for HTTP basic authentication, and should be scoped to the client and server level. -
Customize the API URL and port by setting
api_url
inconfiguration/config.env
to the desiredport:url
. A default localhost URL has been set out of the box. -
Run the API with
go run main.go
. All API dependencies will automatically be installed, given that Go is locally installed and set up correctly.
If you plan on modifying the API, a default test suite has been included in this repository.
To run the test suite:
-
Ensure that pip is installed on the machine.
-
Start the API with
go run main.go
. -
Move to the test suite directory with
cd tests
. Then, install the test suite dependencies withpip3 install -r requirements.txt
. -
Run the test suite with
python3 api_tests.py
.
We want to make contributing to this project as easy and transparent as possible, whether it's:
- Reporting an issue
- Discussing the current state of the project
- Submitting a fix
- Proposing new features
To get started, check Issues for a list of tracked issues.
Ayush Gundawar is the author of this project. His website can be found here.
Gin is the foundational technology used to build AuthPlus. Thank you to the open-source Gin community for building a wonderful, lightweight, and performant HTTP web framework.