Skip to content
An API Gateway Authentication service for Microservices
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
config
db
.gitignore
API_gateway.png
LICENSE
README.md
main.go

README.md

About

I had a problem at authentication different API endpoints from different services. Looked at express-gateway but i was disappointed that data access is only available on Redis. I wanted to be able to authenticate users from MySQL (or PostgreSQL) so i decided to build one.

This API Gateway returns a token when you send a POST request to /api/auth with a JSON format like below:

{ "email": "youremail",
  "password": "yourpassword"}

Then you will get a reply with JSON Web Token in "access_token" field. Use this in your Authorization header (with "Bearer ").

Of course the hashes stored in your DB must be in BCrypt in order for this to work. The important thing is in the database that you should have is "users" table with "email" and "encrypted_password" columns.

There is no user registration endpoint yet, but since everything is redirected, you can register at your normal registration endpoint.

Those using Ruby On Rails with Devise, using APIVault should work with your current database out of the box (users schema is the same) as long your still use Bcrypt (not Argon2)

I am still testing this out on my own to see how if it can solve my problem.

Part of this code is based on Reverse Proxy Demo at: https://github.com/bechurch/reverse-proxy-demo by https://github.com/bechurch

Detailed information HERE

In a nutshell:

summary

Installation steps

  1. Clone this repository

  2. Edit database.yml, include your database credentials, edit secrets.yml (if you have rails you can run rake secret to generate one) - this is needed for JWT Token. then edit servers.yml which contains your hostname which is used to run APIVault, and the real backend server http://url_backendapi (need http:// or https://) in url_endpoint and your microservice's JWT secrets.

    NOTE: You can use either mysql, postgres and mssql adapters, depending how your current data is stored. sqlite is not supported at the moment but you can modify the source to support it.

  3. go build

  4. upload APIVault binary to your server and if you want to change the port that binds APIVault runs you can simply run export PORT="your-port-number", example export PORT="8080"

  5. copy config config/ folder in the same directory as APIVault binary in your server and run APIVault as a normal user privileges (not root!)

  6. DONE!

You can’t perform that action at this time.