Skip to content
forked from u5surf/auth

API and user authn/z service for moov.io

License

Notifications You must be signed in to change notification settings

rayjlinden/auth

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

moov-io/auth

GoDoc Build Status Coverage Status Go Report Card Apache 2 licensed

project is under active development and is not production ready

This repository holds the authentication service for moov.io. If you find a problem (security or otherwise), please contact us at security@moov.io.

The auth project supports various auth methods:

  • REST authentication and user sign-up
  • OAuth2 exchange (linked to an authenticated user)

Docs: docs.moov.io | api docs

Project Status

This project is currently pre-production and could change without much notice, however we are looking for community feedback so please try out our code or give us feedback!

Getting Started / Install

You can download our docker image moov/auth from Docker Hub or use this repository. No configuration is required to serve on :8081 and metrics at :9091/metrics in Prometheus format.

Also, go run works:

$ cd moov/auth # wherever this project lives

$ go run .
ts=2018-12-13T19:18:11.062095Z caller=main.go:80 startup="Starting auth server version v0.4.3-dev"
ts=2018-12-13T19:18:11.062633Z caller=main.go:103 main="sqlite version 3.25.2"
ts=2018-12-13T19:18:11.062617Z caller=main.go:92 admin="listening on :9091"
ts=2018-12-13T19:18:11.064059Z caller=sqlite.go:96 sqlite="starting database migrations..."
ts=2018-12-13T19:18:11.064153Z caller=sqlite.go:105 sqlite="migration #0 [create table if not exists users(user_id...] changed 0 rows"
... (more database migration log lines)
ts=2018-12-13T19:18:11.064345Z caller=sqlite.go:108 sqlite="finished migrations"
ts=2018-12-13T19:18:11.066804Z caller=main.go:189 transport=HTTP addr=:8081

Configuration

The follow are environment variables can be configured:

Required

  • DOMAIN: Domain to set on cookies.

Optional

  • OAUTH2_CLIENTS_DSN: Data Source Name (DSN) for the OAuth2 clients database. (Example: file:oauth2_clients.db)
  • OAUTH2_TOKENS_DSN: Data Source Name (DSN) for the OAuth2 tokens database. (Example: file:oauth2_tokens.db)
  • SQLITE_DB_PATH: File path to our sqlite database. (Example: auth.db)
  • TLS_CERT and TLS_KEY: File paths to TLS certificate and keyfile (in PEM encoding).

Endpoints

Method Path Description
GET /ping Always returns "PONG". Useful for readness check
POST /users/create Create a new user. (Signup)
GET /users/login Verify if a Cookie is valid for a user.
POST /users/login Login with an email and password.
DELETE /users/login Invalidat a user's active cookies.
GET /oauth2/authorize Verify a Bearer OAuth2 token.
[GET&]POST /oauth2/token Create a new OAuth2 token.
POST /oauth2/token/create Create a new OAuth2 client credential set.

metrics

Name Help Text
auth_successes Count of successful authorizations
auth_failures Count of failed authorizations
auth_inactivations Count of inactivated auths (i.e. user logout)
http_errors Count of how many 5xx errors we send out
oauth2_client_generations Count of auth tokens created
oauth2_token_generations Count of auth tokens created
sqlite_connections How many sqlite connections and what status they're in.

Getting Help

channel info
Project Documentation Our project documentation available online.
Google Group moov-users The Moov users Google group is for contributors other people contributing to the Moov project. You can join them without a google account by sending an email to moov-users+subscribe@googlegroups.com. After receiving the join-request message, you can simply reply to that to confirm the subscription.
Twitter @moov_io You can follow Moov.IO's Twitter feed to get updates on our project(s). You can also tweet us questions or just share blogs or stories.
GitHub Issue If you are able to reproduce an problem please open a GitHub Issue under the specific project that caused the error.
moov-io slack Join our slack channel to have an interactive discussion about the development of the project. Request an invite to the slack channel

Supported and Tested Platforms

  • 64-bit Linux (Ubuntu, Debian), macOS, and Windows

Contributing

Yes please! Please review our Contributing guide and Code of Conduct to get started!

Note: This project uses Go Modules, which requires Go 1.11 or higher, but we ship the vendor directory in our repository.

License

Apache License 2.0 See LICENSE for details.

About

API and user authn/z service for moov.io

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 97.9%
  • Makefile 1.3%
  • Other 0.8%