🌻 Authentication Microservice

A simple yet powerful microservice which offers a secure and lightweight method of handling user authentication, making it an excellent choice for developing secure web applications

• Lightweight REST microservice for authentication based on JSON web tokens
• Simple setup using Docker, which works in both production and development environments

🤸 Getting Started

💾 Installation

To get started, you'll need to clone this repository using Git

$ git clone https://github.com/camelopard187/authentication-microservice-lightweight.git

Moreover, you need to generate an RSA private key for the JWT signature and validation. You can do this using OpenSSL

# Generate an RSA private key for the JWT signature and validation
$ echo "PRIVATE_KEY = \"$(openssl genrsa 2048)\"" >> .env

Note - In many Unix-like operating systems OpenSSL available by default

💻 Local

To run the microservice locally, you'll need to set the DATABASE_URL and NODE_ENV environment variables to the URL of your local PostgreSQL database and Node.js environment, respectively

NODE_ENV = "development"
DATABASE_URL = "postgresql://username:password@localhost:5432/database_name"

Note - Please replace the placeholders "username", "password", and "database_name" with your preferred values for a personalized experience

Then, install all dependencies with Yarn and start the Express.js server

# Install all dependencies
$ yarn install --frozen-lockfile

# Start the Express.js server
$ yarn start:development

Note - Microservice comes with Prisma, which requires Node.js at least v14.17.0

🐳 Docker

To run the microservice using Docker, you'll need to set up both the database and application containers. Follow these steps to configure the necessary environment variables:

1. Create a PostgreSQL database container by configuring the essential environment variables in the docker/postgres.env file:

POSTGRES_USER = "username"
POSTGRES_PASSWORD = "password"
POSTGRES_DB = "database_name"

Note - Make sure to replace "username", "password", and "database_name" with your desired values

2. Configure the application container by adding the following environment variables to the docker/application.env file:

NODE_ENV = "production"
DATABASE_URL = "postgresql://username:password@localhost:5432/database_name"

Note - Replace "username", "password", and "database_name" with the same values you used in the previous step

Once you've made these configurations, you can proceed with running the microservice using Docker Compose

$ docker compose -f docker/docker-compose.yaml up -d --build

🌿 API Reference

The Authentication Microservice API provides three endpoints: register, login, and refresh

🪪 Register a new user

To register a new user, send a POST request to /v1/register with a JSON payload that contains the user's email, and password

$ curl -X POST http://localhost:3000/v1/register \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "sarahkim@gmail.com",
    "password": "F0r3v3rS@r@"
  }'

Warning - Email can be unavailable because verification by activation link isn't implemented yet

🔓 Log in as an existing user

To log in as an existing user, send a POST request to /v1/login with a JSON payload that contains the user's email and password

$ curl -X POST http://localhost:3000/v1/login \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "sarahkim@gmail.com",
    "password": "F0r3v3rS@r@"
  }'

Note - Whenever a user's refresh token expires, the user must log in to generate a new one

🔄 Refresh the user's access token

To refresh a user's access token, send a POST request to /v1/refresh with the user refresh token value provided in the cookie

$ curl -X POST http://localhost:3000/v1/refresh \
  -H 'Content-Type: application/json' \
  --cookie "refresh-token=${REFRESH_TOKEN}"

Note - You could receive a refresh-token from a login or registration endpoint

✅ Tests

This project uses Vitest as a test framework because it offers out-of-the-box Typescript support. All tests using Given-When-Then semi-structured way to write down test cases in a more human-readable way

🔍 Unit

To run the unit tests execute the following command

$ yarn test:unit

Note - You can display all tests using --reporter=verbose, and view all Vitest cli options here

🧩 Integration

To run the integration tests, you'll need to set the DATABASE_URL environment variable to the URL of your test PostgreSQL database

DATABASE_URL = "postgresql://postgres:postgres@localhost:5432/auth-integration-test"

You can either use your existing PostgreSQL instance or create a new one using a Docker Compose file

$ yarn test-database:up

Once the test database is up and running, you can run the integration tests with the following command

$ yarn test:integration

Note - You can generate code coverage via c8 using the --coverage flag

📜 License

The MIT License (MIT) 2023 - camelopard187. Please have a look at the LICENSE.md for more details