Allow clients to subscribe to transactions specific namespaces
A transaction can be:
declined
completed
cancelled
The endpoints are protected using JWT base authentication. Provide the following env variables in a .env
file on deployment.
ACCESS_TOKEN_SECRET=
REFRESH_TOKEN_SECRET=
ACCESS_KEY=
Use the auth-server
to handle authentication such as:
login
log inlogout
log outtoken
generate new token
Login can be done either using an accessKey
matching a secret ACCESS_KEY
env var (for Admin
users) or via name
and password
for client users.
A placeholder verifyUser({ name, password })
function is supplied that must be customized to do proper verification, such as by lookup in a database.
The JWT token is expected to be passed as a Bearer
token in the authorization
header
The auth server is set to run on port 4000
POST /cancelled
transaction
{
"clientId": "xyz",
"payload": {
// as you wish
}
}
Will emit cancelled
event with payload
to socket for that client
POST /denied
{
"clientId": "xyz",
"payload": {
// as you wish
}
}
Will emit denied
event with payload
to socket for that client
POST /completed
{
"clientId": "xyz",
"payload": {
// as you wish
}
}
Will emit completed
event with payload
to socket for that client
POST /client
{
"clientId": "xyz",
"payload": {
"id": "xyz",
"name": "Xyz",
"subscriptions": ["cancelled"]
}
}
DELETE /client?id=xyz
Removes client from server and disconnects all sockets for that client
POST /event
{
"clientId": "xyz",
"eventName": "completed"
}
DELETE /event?clientId=xyz&eventName=completed
Removes client from server and disconnects all sockets for that client