Skip to content

Latest commit

 

History

History
235 lines (144 loc) · 3.97 KB

README.md

File metadata and controls

235 lines (144 loc) · 3.97 KB

service-authentication

This is a service that provides authentication for the other services in the system.

Features:

Registration, login, logout, email verification, SMS verification. magic links. password Reset, webhooks, JWTs, token refresh, OAuth (Configurable token providers, Linking oAuth to user profile), MFA (SMS-based, OTPs, Authenticator apps), rate limiting, CAPTCHA, audit trail, roles and caps

Contents:


Reference

Endpoints

POST /register

Register a new user.

Request

{
  "email": "example@mail.com", // required
  "password": "password123", // optional, if not provided, a random password will be generated
  "options": {
    "sendEmail": true, // optional
    "sendSms": true, // optional
    "setCookie": true // optional
    "sendResetEmail": true // optional, will send a password reset email if password is not provided
    "verifyEmail": true // optional, will send a verification email when the user is created
  }
}

Response

Sets a cookie with the JWT if options.setCookie is true.


POST /login

Authenticates a user via username/password and returns a JWT.

Request

{
  "email": "example@mail.com", // required
  "password": "password123", // required
  "options": {
    "setCookie": true // optional, will set a cookie with the JWT, defaults to true
  }
}

Response

Sets a cookie with the JWT if options.setCookie is true.


POST /password/forgot


GET /password/reset/:token


POST /password/reset/:token


GET /oauth/:provider

Authenticates a user via an OAuth provider

Request

None


Get /oauth/:provider/callback

Callback for OAuth provider

Request

This endpoint is not meant to be called directly


POST /oauth/link


POST /login/magic


GET /login/magic/:token


GET /token/refresh


GET /token/revoke

Logs out the user and clears the JWT cookie. Also revokes the refresh token.

Request

None

Response

200 Clears the JWT cookie.


POST /email/verify


GET /email/verify/:token


POST /mfa/setup


POST /mfa/verify


POST /mfa/remove


POST /otp/send


POST /otp/verify


POST /otp/remove


POST /authenticator/setup


POST /authenticator/verify


GET /user


GET /user/:user_id


POST /user


PUT /user/:user_id


GET /webhooks


POST /webhooks


PUT /webhooks/:webhook_id


DELETE /webhooks/:webhook_id


GET /audit/logs