A simple yet powerful microservice which offers a secure and lightweight method of handling user authentication, making it an excellent choice for developing secure web applications
- Lightweight REST microservice for authentication based on JSON web tokens
- Simple setup using Docker, which works in both production and development environments
To get started, you'll need to clone this repository using Git
$ git clone https://github.com/camelopard187/authentication-microservice-lightweight.git
Moreover, you need to generate an RSA private key for the JWT signature and validation. You can do this using OpenSSL
# Generate an RSA private key for the JWT signature and validation
$ echo "PRIVATE_KEY = \"$(openssl genrsa 2048)\"" >> .env
Note - In many Unix-like operating systems OpenSSL available by default
To run the microservice locally, you'll need to set the DATABASE_URL
and NODE_ENV
environment variables to the URL of your local PostgreSQL database and Node.js environment, respectively
NODE_ENV = "development"
DATABASE_URL = "postgresql://username:password@localhost:5432/database_name"
Note - Please replace the placeholders
"username"
,"password"
, and"database_name"
with your preferred values for a personalized experience
Then, install all dependencies with Yarn and start the Express.js server
# Install all dependencies
$ yarn install --frozen-lockfile
# Start the Express.js server
$ yarn start:development
Note - Microservice comes with Prisma, which requires Node.js at least v14.17.0
To run the microservice using Docker, you'll need to set up both the database and application containers. Follow these steps to configure the necessary environment variables:
- Create a PostgreSQL database container by configuring the essential environment variables in the
docker/postgres.env
file:
POSTGRES_USER = "username"
POSTGRES_PASSWORD = "password"
POSTGRES_DB = "database_name"
Note - Make sure to replace
"username"
,"password"
, and"database_name"
with your desired values
- Configure the application container by adding the following environment variables to the
docker/application.env
file:
NODE_ENV = "production"
DATABASE_URL = "postgresql://username:password@localhost:5432/database_name"
Note - Replace
"username"
,"password"
, and"database_name"
with the same values you used in the previous step
Once you've made these configurations, you can proceed with running the microservice using Docker Compose
$ docker compose -f docker/docker-compose.yaml up -d --build
The Authentication Microservice API provides three endpoints: register
, login
, and refresh
To register a new user, send a POST request to /v1/register
with a JSON payload that contains the user's email
, and password
$ curl -X POST http://localhost:3000/v1/register \
-H 'Content-Type: application/json' \
-d '{
"email": "sarahkim@gmail.com",
"password": "F0r3v3rS@r@"
}'
Warning - Email can be unavailable because verification by activation link isn't implemented yet
To log in as an existing user, send a POST request to /v1/login
with a JSON payload that contains the user's email
and password
$ curl -X POST http://localhost:3000/v1/login \
-H 'Content-Type: application/json' \
-d '{
"email": "sarahkim@gmail.com",
"password": "F0r3v3rS@r@"
}'
Note - Whenever a user's refresh token expires, the user must log in to generate a new one
To refresh a user's access token, send a POST request to /v1/refresh
with the user refresh token value provided in the cookie
$ curl -X POST http://localhost:3000/v1/refresh \
-H 'Content-Type: application/json' \
--cookie "refresh-token=${REFRESH_TOKEN}"
Note - You could receive a
refresh-token
from a login or registration endpoint
This project uses Vitest as a test framework because it offers out-of-the-box Typescript support. All tests using Given-When-Then semi-structured way to write down test cases in a more human-readable way
To run the unit tests execute the following command
$ yarn test:unit
Note - You can display all tests using
--reporter=verbose
, and view all Vitest cli options here
To run the integration tests, you'll need to set the DATABASE_URL
environment variable to the URL of your test PostgreSQL database
DATABASE_URL = "postgresql://postgres:postgres@localhost:5432/auth-integration-test"
You can either use your existing PostgreSQL instance or create a new one using a Docker Compose file
$ yarn test-database:up
Once the test database is up and running, you can run the integration tests with the following command
$ yarn test:integration
Note - You can generate code coverage via c8 using the
--coverage
flag
The MIT License (MIT) 2023 - camelopard187. Please have a look at the LICENSE.md for more details