This project is designed to give you a brief introduction into using Node.js with the Fastify framework. To keep this project as quick as possible, we have designed this project in a manner that isn't too open ended while still allowing you to showcase your coding skills.
In this repository we have set up a little boilerplate Fastify - Typescript application. Currently our API supports JWT authentication, where we can submit our email and password to receive a JWT token to prove our identity within our API. However, this only works well for user based authentication since creating tokens with expiries longer than an hour is highly discouraged which would make it hard for servers to communicate if they needed to send their own set of email and password each hour.
This is where API key and secret pairs work well, they allow an independent server to communicate over HTTPS.
You are going to create a Fastify plugin to handle API key authentication within our server. The goal would be to create a similar mechanism to what we already use for our JWT authentication, but verifies the API key and secret pair.
For this plugin you'll need to complete 3 files that have already been partially started with some boilerplate and TODOs:
domain/api/api.service.tsplugins/apikey-authentication.tsdomain/api/api.controller.ts
Inside domain/api/test/api.test.ts you will see that we have already written some tests. Feel free to have a look at this file before you get started so that you can work towards making sure all the tests pass when by the time you're finished.
We respect your time, so we only expect you to spend a few hours on the exercise. If you have any questions, please reach out to both [email protected] and [email protected], and ask away - we're here to help!
Notes
Similar to passwords, we shouldn’t store the raw secret within our database. Instead we should store a hash and compare them.
Hints
- To generate cryptographically strong pseudorandom data to use for the api secret key pair have a look at the node:crypto library
- For hashing and comparing hashes see bcrypt
Additional resources that may be helpful
Your project will be assessed on two key criteria:
- Code quality
- All tests run successfully
Fastify can automatically generate route documentation based on the schemas (Typebox) provided to the routes in the controller.
As an optional bonus task to show a deeper level of understanding, generate an endpoint to show this automatically generated documentation.
Hint Have a look at Fastify's ecosystem
- Node >=16
- Docker
- Clone the repository
git clone https://github.com/Cotiss/cotiss-fastify-project.git
- Install the dependencies
npm install
- Run the dependent services with Docker
npm run up
- Start the application
npm run dev
- Explore the code
code . - Test your code
npm run test
If you wish to explore this repository further, the codebase is heavily commented to help you learn the basics. It's recommended starting in the following order:
- server.ts
- config.ts
- index.ts
After this feel free to navigate your way around the codebase.
Good luck!
- Update the Readme with an overview of what you changed and list any assumptions you made along the way.
- Upload your improved project to a private GitHub repository and invite @janickvwcotiss, @matt01671 and @danew.
- Finally, please send an email to [email protected] with a link to your repository.