lijuuu/AuthenticationServiceMachineTest
Authentication Service Machine Test

Overview

This project implements an authentication service using Firebase Authentication and Firestore as the primary backend, with triggers to sync data to Neo4J and MongoDB. The service provides a comprehensive set of authentication-related functions, including signup, login, guest login, credential verification, password management, email/phone credential updates, and two-factor authentication (2FA). The system supports both email and phone number credentials, with validation and verification workflows.

The database schema includes mandatory and optional fields, such as user verification status, circles (e.g., "Capcons"), and billable user status. All functions are designed to meet the specified requirements, including input validations and secure password storage using Bcrypt.


Project Requirements

  • Date of Requirement Gathering: Tuesday, 9 July 2024
  • Backend Services:
    • Firebase Authentication for user management.
    • Firestore as the primary database.
    • Firestore triggers to sync user data to Neo4J and MongoDB.
  • Authentication Functions:
    • Signup
    • Login
    • Guest Login/Signup
    • Verify Credentials
    • Forgot Password
    • Create New Password (Reset Password)
    • Change Login Email/Password
    • Add 2-Factor Authentication (2FA)
    • Add Alternate Credentials (e.g., add phone if email exists, or email if phone exists)
  • Additional Features:
    • Support for optional "Circles" field (stored as joint in the database).
    • Verification workflows for email and phone credentials.
    • Secure password storage using Bcrypt.
    • Support for guest users (no password required).

Prerequisites

To run this project, ensure you have the following:

  • Go: Version 1.20 or higher.
  • Firebase Project:
    • Set up a Firebase project with Authentication and Firestore enabled.
    • Enable Email/Password and Phone authentication methods in Firebase Authentication.
    • Download the Firebase Admin SDK credentials (serviceAccountKey.json).
  • Dependencies:
    • Install required Go packages:
      go get cloud.google.com/go/firestore
      go get firebase.google.com/go/auth
      go get golang.org/x/crypto/bcrypt
      go get github.com/pquerna/otp/totp
      go get github.com/go-playground/validator/v10

Database Schema

The user data is stored in the Firestore users collection with the following fields:

| Field | Type | Default Value | Description |
|---|---|---|---|
| uid | String | Auto-generated | Unique user ID generated by Firebase Authentication. |
| email | String | "" | User's email (at least one of email or phone is required). |
| phone | String | "" | User's phone number with country code (e.g., "+917356108734"). |
| is_phone_verified | Boolean | false | Whether the phone number is verified. |
| is_email_verified | Boolean | false | Whether the email is verified. |
| is_guest_user | Boolean | true | Whether the user is a guest (no password). |
| password | String | "" | Hashed password (optional for guest users, stored using Bcrypt). |
| joint | Array | ["Capcons"] | Array of circles the user is subscribed to (e.g., ["Capcons"]). |
| is_billable_user | Boolean | false | Whether the user is billable (requires password if joint includes "Capcons"). |
| is_2f_needed | Boolean | false | Whether 2FA is enabled (true for admins of paid joint circles). |
| first_name | String | "" | User's first name (optional). |
| second_name | String | "" | User's second name (optional). |
| user_created_date | Timestamp | Current time | Date and time when the user was created. |
| user_last_login_details | Timestamp | Current time | Date and time of the user's last login. |
| country_of_origin | String | "" | User's country of origin (optional). |
| address | String | "" | User's address (optional). |
| username | String | "" | User's username (optional). |
| created_at | Timestamp | Current time | Timestamp when the user record was created. |
| updated_at | Timestamp | Current time | Timestamp when the user record was last updated. |
| totp_secret | String | "" | TOTP secret for 2FA (empty if 2FA is not enabled). |
| bio | String | "" | User's bio (optional). |
| image_url | String | "" | URL to user's profile image (optional). |
| email_verification_pending | Boolean | false | Whether email verification is pending. |
| phone_verification_pending | Boolean | false | Whether phone verification is pending. |
| password_reset_pending | Boolean | false | Whether a password reset is pending. |

OTP Collection

The otps collection stores temporary OTPs for verification and password reset:

| Field | Type | Description |
|---|---|---|
| otp | String | The OTP code (e.g., "158047"). |
| type | String | Type of OTP (email_verification, phone_verification, password_reset). |
| uid | String | User ID associated with the OTP. |
| email | String | Email associated with the OTP (empty for phone OTPs). |
| phone | String | Phone number associated with the OTP (empty for email OTPs). |
| created_at | Timestamp | When the OTP was created. |
| expires_at | Timestamp | When the OTP expires (15 minutes after creation). |

Functions

1. Signup

  • Input:
    • Credentials: Email or Phone Number (at least one required).
    • Password: Required for non-guest users.
    • FirstName: Optional.
    • LastName: Optional.
    • Username: Optional.
  • Validations:
    • Password:
      • Minimum 8 characters.
      • At least one alphabet, one special character, and one number.
      • Stored using Bcrypt.
    • Email: Must be a valid email format (e.g., user@example.com).
    • Phone: Must be a valid phone number with country code (e.g., "+917356108734").
  • Behavior:
    • Creates a user in Firebase Authentication.
    • Stores user profile in Firestore users collection.
    • Triggers Firestore to sync data to Neo4J and MongoDB.
    • Sends verification OTP (email or phone).
  • Output:
    • Success response with user details (uid, email, phone, username, first_name, second_name).
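The Signup password validations above, as an added example written for this README rather than code from the project: a single check implementing the stated policy (8+ characters, at least one letter, one number and one special character). Treating "special" as Unicode punctuation or symbols is an assumption; the bcrypt hashing step that follows a successful check is not shown.

```go
package main

import (
	"errors"
	"unicode"
	"unicode/utf8"
)

// Errors for the README's Signup password policy: minimum 8 characters and at
// least one letter, one number and one special character. Bcrypt hashing
// follows a successful check and is not shown here.
var (
	ErrTooShort  = errors.New("password must be at least 8 characters")
	ErrNoLetter  = errors.New("password must contain a letter")
	ErrNoDigit   = errors.New("password must contain a number")
	ErrNoSpecial = errors.New("password must contain a special character")
)

// ValidatePassword returns nil when pw satisfies the policy, otherwise the
// first rule it violates. Length is counted in runes so a multi-byte character
// counts once; "special" means punctuation or a symbol (assumption: Unicode P/S).
func ValidatePassword(pw string) error {
	if utf8.RuneCountInString(pw) < 8 {
		return ErrTooShort
	}
	var letter, digit, special bool
	for _, r := range pw {
		switch {
		case unicode.IsLetter(r):
			letter = true
		case unicode.IsDigit(r):
			digit = true
		case unicode.IsPunct(r) || unicode.IsSymbol(r):
			special = true
		}
	}
	switch {
	case !letter:
		return ErrNoLetter
	case !digit:
		return ErrNoDigit
	case !special:
		return ErrNoSpecial
	}
	return nil
}
```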

2. Login

  • Input:
    • Credential: Email or Phone Number.
    • Password: Required.
    • TwoFactorCode: Required if 2FA is enabled.
  • Behavior:
    • Verifies credentials using Firebase Authentication.
    • Checks 2FA if enabled (via TOTP).
    • Updates user_last_login_details and updated_at in Firestore.
    • Generates a custom token for authentication.
  • Output:
    • Token response with the custom token.

3. Guest Login/Signup

  • Input:
    • Username: Optional.
  • Behavior:
    • Creates a guest user in Firebase Authentication (no password).
    • Sets is_guest_user = true and is_billable_user = false in Firestore.
    • Generates a custom token.
  • Output:
    • Token response with the custom token.

4. Verify Credentials

  • Input:
    • Credential: Email or Phone Number.
    • OTP: Required (replaces password for verification).
  • Behavior:
    • Verifies the user exists in Firebase Authentication.
    • Checks the otps collection for a valid, non-expired OTP.
    • Updates verification status (is_email_verified or is_phone_verified) if applicable.
    • Deletes the used OTP.
  • Output:
    • Success response with uid.

5. Forgot Password

  • Input:
    • Email: Required.
  • Behavior:
    • Generates an OTP for password reset.
    • Stores the OTP in the otps collection.
    • Sends the OTP via email.
    • Sets password_reset_pending = true in Firestore.
  • Output:
    • Success response indicating the OTP was sent.

6. Create New Password (Reset Password)

  • Input:
    • Email: Required.
    • OTP: Required.
    • Password: New password.
  • Validations:
    • Same as Signup password validations.
  • Behavior:
    • Verifies the OTP in the otps collection.
    • Updates the password in Firebase Authentication and Firestore.
    • Sets password_reset_pending = false.
    • Deletes the used OTP.
  • Output:
    • Success response indicating password reset.
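The OTP handling shared by Verify Credentials, Forgot Password and Reset Password, as an added example that is not the project's code: an in-memory stand-in for the otps collection (an assumption in place of Firestore) that issues a random 6-digit code with the schema's 15-minute expires_at, then accepts it once, rejects it after expiry, and compares in constant time.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"fmt"
	"math/big"
	"time"
)

// OTP mirrors the README's otps collection (Type: email_verification,
// phone_verification or password_reset).
type OTP struct {
	Code, Type, UID, Email, Phone string
	CreatedAt, ExpiresAt          time.Time
}
// OTPStore stands in for Firestore (assumption): one live OTP per uid and
// purpose, with an injectable clock so expiry can be tested.
type OTPStore struct {
	Now   func() time.Time
	Items map[string]OTP
}
// Issue draws a 6-digit code from crypto/rand (never math/rand) and stores
// it with expires_at = created_at + 15 minutes; the caller sends it out.
func (s *OTPStore) Issue(uid, typ, email, phone string) (string, error) {
	n, err := rand.Int(rand.Reader, big.NewInt(1_000_000))
	if err != nil {
		return "", err
	}
	code := fmt.Sprintf("%06d", n.Int64())
	t := s.Now()
	s.Items[uid+"/"+typ] = OTP{Code: code, Type: typ, UID: uid, Email: email,
		Phone: phone, CreatedAt: t, ExpiresAt: t.Add(15 * time.Minute)}
	return code, nil
}
// Verify accepts a code once and only before expires_at: the record is deleted
// on success (single use) or purged on expiry; comparison is constant time.
func (s *OTPStore) Verify(uid, typ, code string) bool {
	key := uid + "/" + typ
	rec, ok := s.Items[key]
	if !ok || !s.Now().Before(rec.ExpiresAt) {
		delete(s.Items, key)
		return false
	}
	if subtle.ConstantTimeCompare([]byte(rec.Code), []byte(code)) != 1 {
		return false
	}
	delete(s.Items, key)
	return true
}
```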

7. Change Login Email/Password

  • Input:
    • UID: Required.
    • Password: Current password (for verification).
    • NewEmail: New email (optional).
    • NewPassword: New password (optional).
  • Behavior:
    • Verifies the current password.
    • Updates the email and/or password in Firebase Authentication.
    • Sets EmailVerified = false in Firebase Authentication if email is updated.
    • Updates Firestore with new email/password and sets is_email_verified = false.
    • Sends a verification email if the email is updated.
  • Output:
    • Success response indicating the update.

8. Add 2-Factor Authentication (2FA)

  • Input:
    • Email: Required.
  • Behavior:
    • Generates a TOTP secret using github.com/pquerna/otp/totp.
    • Stores the TOTP secret in Firestore and sets is_2f_needed = true.
  • Output:
    • Success response with TOTP secret and URL for authenticator apps.
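The TOTP check behind Login's TwoFactorCode and the secret stored by Add 2FA, as an added example that is not the project's code: the project uses github.com/pquerna/otp/totp, whereas this block implements RFC 6238 (SHA-1, 30-second step, 6 digits) with the standard library so the verification can be read end to end. The base32 form of the secret and the one-step drift window are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"time"
)

const totpStep = 30 * time.Second // RFC 6238 default time step
// hotp is RFC 4226 HOTP-SHA1 with dynamic truncation to six digits.
func hotp(key []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, key)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", code%1_000_000)
}

// TOTPAt returns the RFC 6238 code at time t for a base32 secret, the form
// assumed to be stored in totp_secret and enrolled in authenticator apps.
func TOTPAt(secretB32 string, t time.Time) (string, error) {
	key, err := base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(secretB32)
	if err != nil {
		return "", err
	}
	return hotp(key, uint64(t.Unix())/uint64(totpStep/time.Second)), nil
}

// VerifyTOTP checks a submitted TwoFactorCode against the current step and one
// step either side for clock drift, comparing in constant time (no replay check).
func VerifyTOTP(secretB32, code string, now time.Time) bool {
	ok := false
	for _, d := range []time.Duration{-totpStep, 0, totpStep} {
		want, err := TOTPAt(secretB32, now.Add(d))
		if err != nil {
			return false
		}
		if subtle.ConstantTimeCompare([]byte(want), []byte(code)) == 1 {
			ok = true
		}
	}
	return ok
}
```

A production login path should also rate-limit attempts and remember the last accepted step so the same code cannot be replayed within its window.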

9. Add Alternate Credentials

  • Input:
    • UID: Required.
    • Credential: New email or phone number.
  • Behavior:
    • Adds an alternate credential (e.g., phone if email exists, email if phone exists).
    • Updates Firebase Authentication and Firestore.
    • Sends a verification OTP for the new credential.
  • Output:
    • Success response indicating the credential was added.
