Skip to content

carbon-io-examples/example__hello-world-service-http-basic-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits

docs

docs

 
 

lib

lib

 
 

test

test

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

Repository files navigation

Hello Service (HTTP Basic Authentication)

Build Status Carbon Version

In this example we show usage of HTTP Basic Authentication using the MongoDBHttpBasicAuthenticator class.

The code defining the service is located in lib/HelloService.js and uses a simple Endpoint object to implement an HTTP GET at the path /hello.

Authentication

This service has an authenticator defined that authenticates users based on a username and password stored in MongoDB.

o({
  _type: carbon.carbond.security.MongoDBHttpBasicAuthenticator,
  passwordHashFn: carbon.carbond.security.BcryptHasher,
  userCollection: "users",
  usernameField: "email",
  passwordField: "password"
})

This authenticator ensures that an API key is presented for each request to the service and that the supplied API key matches a user in the system. The authenticated user is then attached to the request object as a field called user so that it may be used by the request downstream.

Access Control

Once we have authenticated users, we can then use access control lists (ACLs) to control what operations users can perform.

The hello endpoint defines an ACL that lets any user access it as long as they are authenticated.

o({
  _type: carbon.carbond.security.EndpointAcl,

  entries: [
    {
      // All users
      user: '*',
      permissions: {
        '*': true
      }
    }
  ]
})

Installing the service

We encourage you to clone the git repository so you can play around with the code.

$ git clone -b carbon-0.7 git@github.com:carbon-io-examples/example__hello-world-service-http-basic-auth.git
$ cd example__hello-world-service-http-basic-auth
$ npm install

Setting up your environment

This example expects a running MongoDB database. The code will honor a MONGODB_URI environment variable. The default URI is mongodb://localhost:27017/hello-world.

To set the environment variable to point the app at a database different from the default (on Mac):

$ export MONGODB_URI=mongodb://localhost:27017/mydb

Running the service

To run the service:

$ node lib/HelloService

For cmdline help:

$ node lib/HelloService -h

Accessing the service

You can interact with the service via HTTP. To test authentication and access control, you'll need to first POST a new user to the service. Here is an example using curl:

$ curl localhost:8888/users -H "Content-Type: application/json" -d '{"email": "foo@bar.com", "password": "baz"}'

Once you have a user, you can test using:

$ curl -u foo@bar.com:baz localhost:8888/hello

Running the unit tests

This example comes with a simple unit test written in Carbon.io's test framework called TestTube. It is located in the test directory.

$ node test/HelloServiceTest

or

$ npm test

Generating API documentation (aglio flavor)

To generate documentation using aglio, install it as a devDependency:

$ npm install -D --no-optional aglio

Using --no-optional speeds up aglio's install time significantly. Then generate the docs using this command:

$ node lib/HelloService gen-static-docs --flavor aglio --out docs/index.html

About

Advanced hello world demonstrating Basic HTTP Authentication

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages