Skip to content

qkudev/jwt-authentication-service

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

17 Commits
docs
docs
ย 
ย 
src
src
ย 
ย 
test
test
ย 
ย 
.dockerignore
.dockerignore
ย 
ย 
.env.example
.env.example
ย 
ย 
.gitignore
.gitignore
ย 
ย 
.prettierrc
.prettierrc
ย 
ย 
Dockerfile
Dockerfile
ย 
ย 
LICENSE.md
LICENSE.md
ย 
ย 
README.md
README.md
ย 
ย 
docker-compose.production.yml
docker-compose.production.yml
ย 
ย 
docker-compose.yml
docker-compose.yml
ย 
ย 
docs.apib
docs.apib
ย 
ย 
nest-cli.json
nest-cli.json
ย 
ย 
nodemon-debug.json
nodemon-debug.json
ย 
ย 
nodemon.json
nodemon.json
ย 
ย 
package-lock.json
package-lock.json
ย 
ย 
package.json
package.json
ย 
ย 
tsconfig.build.json
tsconfig.build.json
ย 
ย 
tsconfig.json
tsconfig.json
ย 
ย 
tslint.json
tslint.json
ย 
ย 

Repository files navigation

JSON Web Token Authentication Service

Dead-simple JSON Web Token Authentication Service with two types of tokens for accessing resources and refreshing authentication status.

Create service local identities, generate access/refresh token pairs, verify, refresh or invalidate them with token blacklisting system.

Description

Authentication of a request service provides with a special local model. Identity is an entity with unique ID for service to authenticate the user or request. After creating a new identity it is useful to save identity ID to your user model to make one-to-one relation.

To mark request as authenticated there is an access token โ€“ a short-living key, often placed in an authorization header like authorization: Bearer {access_token}. It is used for accessing resources on your other services and can be used as many times as you need until it is expired.

The refresh token on the other hand is a long-living token. It is used to obtain new one token pair and can be used only once. So if user left using service for a few days and his access token's time is up, he still can continue the session without signing-in again.

Since the tokens are not saved on the servers and are valid for the full living time even if the user logs-out, service has mechanics to blacklist any token by ID to invalidate it before it will be expired.

Getting started

  1. clone the repo then go to the project dir.

  2. install dependencies with yarn or npm i.

  3. run cp .env.example .env and configure project with .env variables.

  4. yarn start:dev or npm run start:dev to start in development mode.

Other scripts You may check out in package.json.

Running with Docker

Development

  1. build container with docker-compose build --no-cache.

  2. run cp .env.example .env and configure project with .env variables.

  3. Up service with docker-compose up -d.

Production

  1. build container with docker-compose -f docker-compose.production.yml build --no-cache.

  2. run cp .env.example .env.production and configure project with .env.production variables.

  3. Up service with docker-compose -f docker-compose.production.yml up -d.

Tests

  • yarn test โ€“ run all unit tests.
  • yarn test:e2e โ€“ e2e tests.
  • yarn test:cov โ€“ unit tests with coverage.

To run tests use yarn test. To run tests with coverage โ€“ yarn test:coverage, e2e tests โ€“ yarn test:e2e.

Licence

License MIT

About

๐Ÿ”‘ JWT authentication service

Topics

redis typescript microservice jwt-authentication

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages