Authentic
Authentication for microservices. This is collection of the following modules:
What is it?
Authentic is a collection of modules to help your various services authenticate a user. Put more concretely, Authentic does the following:
- Allow your users to "sign up", "confirm", "log in", and "change password" with their email address and a chosen password (persisted to a db of your choice), and provide an authentication token (JWT) on successful log in.
- Easily protect access to your microservice by decrypting a user's authentication token.
- Help make requests from the browser to
authentic-server
for sign up/confirm/login/password reset, as well as automatically including the authentication token in requests to your microservices.
Example
Let's pretend you work at ScaleHaus (Uber meets Airbnb for lizards). You have a web app at admin.scalehaus.io
(client-side SPA) that is an interface to various microservices (like reporting.scalehaus.io
). You want to make sure that only employees with a @scalehaus.io
email address have access to your app and microservices. Here's how you can do it:
-
Create an authentication server with authentic-server available at
auth.scalehaus.io
. -
Add views to
admin.scalehaus.io
for signup/confirm/login/reset-password and use authentic-client for those actions and for requests to your microservices. -
In your microservice(s), e.g.
reports.scalehaus.io
, use authentic-service to decrypt the authentication token provided in the request and verify the user's identity and that their email ends in@scalehaus.io
.
Installation
It's best to install each module individually in the project that needs it. In theory, you could have a single project that needs to be the server, client, and service -- in that case feel free to npm install --save authentic
. Otherwise use npm install --save authentic-server
, npm install --save authentic-service
, or npm install --save authentic-client
depending on your project.
In Action
Authentic Server
var fs = var http = var Authentic = server var auth = httpconsole
Microservice
var http = var Authentic = service var auth = http console
Client Login
var Authentic = client var auth = var creds = email: 'chet@scalehaus.io' password: 'notswordfish' // Step 1: log inauth
License
MIT