Skip to content
/ auth-service Public

Service in charge of authenticating all my requests

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

evanmoncuso/auth-service

BranchesTags

Repository files navigation

Authentication Service

Purpose

This purpose of this service is to authenticate users against the user database. THIS SERVICE DOES NOT CREATE OR MANAGEN USER INFORMATION.

Contracts

Access Token

  • lifespan - 10 minutes
  • data - will include the user_id, username and a user's roles 
    {
  user_id: string (uuid)
  username: string,
  permissions: string[],
}

Refresh Token

  • lifespan - 1 day

API

POST :: /authenticate

Provide a username and password for a user, receive an authentication token (in the form of a JWT) back

POST :: /invalidate

Provide a refresh token and invalidate that refresh token. Destroying that token's usefulness

  // request body
  {
    "refresh_token": "<string>",
  }

  // response body
  // none - 204 RESPONSE CODE

POST :: /refresh

Provide a refresh_token and get back a new access_token if everything is okay

  // request body
  {
    "refresh_token": "<original-refresh-token>", 
  }

  // response body
  {
    "access_token": "<new-access-token>",
    "refresh_token": "<original-refresh-token>"
  }

JWT

The JWT contains certain information about the user

About

Service in charge of authenticating all my requests

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 2

v0.1.3 Latest
May 9, 2020
+ 1 release

Packages

No packages published

Languages