Skip to content
/ advanced-authservice-crud-microservices Public

Microservices-based API provides user advanced authentication and basic product management functionality.

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Barcodehub/advanced-authservice-crud-microservices

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
api-gateway
api-gateway
 
 
auth-services
auth-services
 
 
product-services
product-services
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Microservices-Based JWT Authentication and Product Management API

This project is a microservices-based API built with Node.js, Express, and MongoDB. It provides a comprehensive authentication system with advanced security features including Two-Factor Authentication (2FA), and basic product management functionality. The system consists of three main services: an API Gateway, an Authentication Service, and a Product Service.

Table of Contents

Architecture

The application follows a microservices architecture:

  • API Gateway: Routes requests to appropriate services
  • Auth Service: Handles user authentication and authorization
  • Product Service: Manages product-related operations

Services

API Gateway

  • Routes requests to auth and product services
  • Handles 404 errors for undefined routes

Auth Service

  • User registration
  • User login with JWT token generation
  • Role-based access control

Product Service

  • CRUD operations for products
  • Role-based access to certain operations

Environment Variables Setup

Create a .env file in the root directory and add the following variables:

product-services

MONGO_URI=your-mongodb-uri
JWT_SECRET=your_jwt_secret_here

auth-services

MONGODB_URI=your-mongodb-uri
SESSION_SECRET=your_session_secret_here
JWT_SECRET=your_jwt_secret_here
RATE_LIMIT_MAX=100
RATE_LIMIT_WINDOW_MS=3600000
BODY_LIMIT=10kb
SESSION_MAX_AGE=604800000
ADMIN_EMAIL=tu_email_admin@example.com
ADMIN_PASSWORD=tu_contraseña_secreta

api-gateway

AUTH_SERVICE_URL=http://localhost:3000
PRODUCT_SERVICE_URL=http://localhost:3001

or your url.

Installation and Running

To run:

npm run start

API Testing

  • GET /api/auth/csrf-token: Retrieve the CSRF token.

  • POST /api/auth/register: Register a new user.

    X-CSRF-Token: token of step 1

    body:

    {
"email": "",
"password": ""
}

  • POST /api/auth/login: Login a user.

    X-CSRF-Token: token of step 1

    body:

    {
"email": "",
"password": ""
}

  • POST /api/products: create product

    X-CSRF-Token: token of step 1
Authorization: token login admin

    body:

        {
"name": "",
"description": "",
"price": ,
"stock": 
    }

  • GET /api/products: get products

  • GET /api/products/id: find product

  • PUT /api/products/id: editar product

    X-CSRF-Token: token of step 1
Authorization: token login admin

    body:

        {
"name": "",
"description": "",
"price": ,
"stock": 
    }

  • DELETE /api/products/id: delete product

About

Microservices-based API provides user advanced authentication and basic product management functionality.

Topics

microservices api-gateway jwt-authentication csrf-protection cookie-parser product-management

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages