Provides authentication/user management for all jobhub microservices. Uses JWT for authentication.
Each user has the following attributes:
id
: A unique ID generated for each user.email
: An email address used for login.password
: The users password. All passwords are hashed using bcrypt.type
: The type of user. Can be Applicant or Recruiter.verified
: Whether the user has verfied their email after creating their account. Required to be able to login.
git clone https://github.com/scrum-gang/authentication.git
cd authentication
npm install
npm start
Builds are automated using Travis and deployed on Heroku.
There are two Heroku deployments:
- Staging: https://jobhub-authentication-staging.herokuapp.com/
- Production: https://jobhub-authentication.herokuapp.com/
The staging deployment should be used for all development/testing purposes, in order to keep production from being poluted with test data.
Please note that any new builds on the development branch will wipe the staging database.
- Create user using
/signup
. - Verify new user by clicking link in email received.
- Login using
/login
, keep JWT token. - Can get logged in user using
/users/self
and passing token in header.
Details all the fields in the User model.
- Get users :
GET /users
- Get user by id :
GET /users/:id
- Update user by id :
PUT /users/:id
- Delete user by id :
DELETE /users/:id
- Signup new user :
POST /signup
- Login existing user :
POST /login
- Logout user :
POST /logout
- Get user from token :
GET /users/self
- Update user from token :
PUT /users/self
- Delete user from token :
DELETE /users/self
- Resend verification email for unverified user :
POST /resend
All users
endpoints except for /users/self
are restricted to moderators only. Moderators have unrestricted access to all endpoints. Only a moderator can promote another user to a moderator role.
Note: Restrictions on endpoints can be bypassed by passing the secret
header in the request. Ask someone on authentication for the secret or see pinned message on authentication channel on Discord.