An OIDC compliant extensible user authentication and authorization service that includes key features such as passwordless authentication and attribute based access control (ABAC). It is written in Nest JS & using Fusion Auth as the underlying service for all User Management related tasks.
- CRUD support for respective Fusion Auth Applications
- Authentication(Username/Password combo) for Fusion Auth Users
- Passwordless (OTP based) authentication
- RBAC support for the applications (Android, React Admin, etc.)
- CRUD supporting creation/updation of records on 3rd party Hasura using Generic Config
$ yarn installNote: This project is built on VSCode and would be developed only with this IDE in mind. The .vscode directory will be kept updated with all the VSCode magic 🧙♂️.
# development
$ yarn start
# watch mode
$ yarn start:dev
# debug mode
$ yarn start:debug
# production mode
$ yarn start:prodYou can use docker image directly for production environment setup. A sample docker-compose.yml file should look like:
version: "3"
services:
  user-service:
    image: samagragovernance/esamwad-user-service:latest
    env_file:
      - ./.env
    ports:
      - "3000:3000"
    restart: always
# unit tests
$ yarn test
# e2e tests
$ yarn test:e2e
# test coverage
$ yarn test:cov
# test a single file
$ yarn run test:watch ./src/user/sms/gupshup/gupshup.service.spec.ts# open .env file
$ vi .env
# add your service info in below format
APP_application_id={"host": "dummy.com", "apiKey": "zse12344@#%ddsr", "encryption": {"enabled": true, "key": "veryhardkey"}, "hasura": {"graphql_url": "https://example.com/graphql", "admin_secret": "xxxx", "mutations": {"some_mutation_key": "mutation query..."}}}
# where apiKey, encryption.key and hasura is not mandatory
# Precedence will be given apiKey sent in Authorization header (Check swagger collection below for references)
# encryption.enabled provides option to encrypt username/password with the provided enrption.key before sending to the FA server.
# restart docker-compose
$ docker-compose down
$ docker-compose up -d --buildNote: In variable APP_application_id, "APP_" is the prefix and "application_id" is the UUID of Fusion Auth application with hyphen("-") replaced with underscore("_"). E.g. if application id is: 0000-0000-0000-0000 then the variable name must be: APP_0000_0000_0000_0000
| Variable | Description | 
|---|---|
| host | Fusion Auth Host. e.g. http://localhost:9011 or http://example.com | 
| apiKey | Fusion Auth API key to use for the Fusion Auth APIs being access via User Service. This key will be ignored if header Authorizationheader is passed in the request. | 
| encryption.enabled | Boolean flag to enabled/disable encryption. | 
| encryption.key | Encryption key. Must be passed if encryption.enabledistrue. | 
| hasura.graphql_url | Hasura Graphql URL for custom mutation calls to be made on hit of certain APIs. | 
| hasura.admin_secret | Hasura Admin Secret. | 
| hasura.mutations | A JSON object containing key: value; wherekeyis the name of mutation &valuecontains the query/mutation for the Graphql call. | 
Find here
Nest is MIT licensed.
This project was bootstrapped using Nest. Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support by the amazing backers. If you'd like to join them, please read more here.