Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
config
src
.dockerignore
.gitignore
Dockerfile
README.md
app.js
package-lock.json
package.json

README.md

Installation

  1. Clone this repository to a location of your choice
  2. Run npm install
  3. Configure the app according to this' readme configuration section
  4. Run npm start

Installation Docker

A docker image is available on docker hub.
The app is located in /usr/src/app/ so you want to either copy your config.js and your jwt private and public key directly into the dockers /usr/src/app/config/ directory or use volumes to add/modify the config files.

Here is an example docker-compose.yml:

version: '3'
services: 
    api:
        image: gruppeadler/api
        volumes:
            - ./config:/usr/src/app/config/

Configuration

The configuration of this api is quite complex.

  • You can find a example-config.js in your config directory. Copy that file to config.js.
  • Generate a ssh private/public key pair, which will be used to sign and decode the JWTs issued by this api and copy them to ./config/auth/ as private.key and public.key.

Authentication

Key Explanation
jwt.private-key Private key, which is used to sign the JWTs.
jwt.private-key Public key, which is used to decode the JWTs.
jwt.issuer JWT Issuer: Name of the group, which issues the JWT
jwt.audience JWT Audience: Typically the base address of the resource being accessed, such as "https://gruppe-adler.de".
jwt.expiresIn See: https://github.com/auth0/node-jsonwebtoken#usage
jwt.algorithm See: https://github.com/auth0/node-jsonwebtoken#usage
auth-url URL to which api sends authentication request.
cookie-name Cookie to include in authentication request.
cookie-domain Domain of cookie
is-authorized Function to determine if the user is authorized to retrieve a token. The function is called with the response of the authentication request as a parameter. Be aware, that this function only will be called if there is a valid response from the authentication request. So for example if the authentication request returns a 401 this won't be called.
errors.401 Content which should be sent, when a 401 Error occurs.
errors.403 Content which should be sent, when a 403 Error occurs.
errors.504 Content which should be sent, when a 504 Error occurs.

Twitter

If you don't want to use the twitter endpoints, just leave the screen_name empty.

Key Explanation
screen_name Screen name of twitter user.
base64-bearer-token-credentials Base64 encoded credentials to retrieve bearer token from twitter api. (See twitter api docs)

Endpoints

tba

You can’t perform that action at this time.