An OIDC compliant extensible user authentication and authorization service that includes key features such as passwordless authentication and attribute based access control (ABAC). It is written in Nest JS & using Fusion Auth as the underlying service for all User Management related tasks.
- CRUD support for respective Fusion Auth Applications
- Authentication(Username/Password combo) for Fusion Auth Users
- Passwordless (OTP based) authentication
- RBAC support for the applications (Android, React Admin, etc.)
- CRUD supporting creation/updation of records on 3rd party Hasura using Generic Config
$ yarn installNote: This project is built on VSCode and would be developed only with this IDE in mind. The .vscode directory will be kept updated with all the VSCode magic 🧙♂️.
# development $ yarn start # watch mode $ yarn start:dev # debug mode $ yarn start:debug # production mode $ yarn start:prodYou can use docker image directly for production environment setup. A sample docker-compose.yml file should look like:
version: "3" services: user-service: image: samagragovernance/esamwad-user-service:latest env_file: - ./.env ports: - "3000:3000" restart: always # unit tests $ yarn test # e2e tests $ yarn test:e2e # test coverage $ yarn test:cov # test a single file $ yarn run test:watch ./src/user/sms/gupshup/gupshup.service.spec.ts# open .env file $ vi .env # add your service info in below format APP_application_id={"host": "dummy.com", "apiKey": "zse12344@#%ddsr", "encryption": {"enabled": true, "key": "veryhardkey"}, "hasura": {"graphql_url": "https://example.com/graphql", "admin_secret": "xxxx", "mutations": {"some_mutation_key": "mutation query..."}}} # where apiKey, encryption.key and hasura is not mandatory # Precedence will be given apiKey sent in Authorization header (Check swagger collection below for references) # encryption.enabled provides option to encrypt username/password with the provided enrption.key before sending to the FA server. # restart docker-compose $ docker-compose down $ docker-compose up -d --buildNote: In variable APP_application_id, "APP_" is the prefix and "application_id" is the UUID of Fusion Auth application with hyphen("-") replaced with underscore("_"). E.g. if application id is: 0000-0000-0000-0000 then the variable name must be: APP_0000_0000_0000_0000
| Variable | Description |
|---|---|
host | Fusion Auth Host. e.g. http://localhost:9011 or http://example.com |
apiKey | Fusion Auth API key to use for the Fusion Auth APIs being access via User Service. This key will be ignored if header Authorization header is passed in the request. |
encryption.enabled | Boolean flag to enabled/disable encryption. |
encryption.key | Encryption key. Must be passed if encryption.enabled is true. |
hasura.graphql_url | Hasura Graphql URL for custom mutation calls to be made on hit of certain APIs. |
hasura.admin_secret | Hasura Admin Secret. |
hasura.mutations | A JSON object containing key: value; where key is the name of mutation & value contains the query/mutation for the Graphql call. |
Find here
Nest is MIT licensed.
This project was bootstrapped using Nest. Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support by the amazing backers. If you'd like to join them, please read more here.