Categorygithub.com/moapis/authenticator
modulepackage
0.3.2
Repository: https://github.com/moapis/authenticator.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
10
Dependents
7
Files
1.4k SLOC

# README

Build Status codecov GoDoc Go Report Card

Authenticator

A stand-alone gRPC based authentication API. Easily integrate authentication into any custom project. Authenticator takes care of user credential storage and checking. It generates JSON Web tokens for users, which easily can be verified by other servers in your ecosystem using performant and secure EdDSA public key cryptography.

Benefits:

  • Added security, the user credentials live in a seperate database schema as you application's one. Creating a strict seperation in database access;
  • No more password checking logic in you application. Just send a API call to authenticator and check the generated token on each subseqeuent request;

Fautures

  • gRPC based, simply implement a client in your own preferred language by compiling protobuffer files;
  • Support for master/slave database setups using our own MultiDB library;
  • Admin panel for user management;
  • A basic HTTP based login server, based on redirects;
  • Argon2 hashed password storage;
  • User groups and "audiences" for fine grained authorization checking;
  • Comes with the verify Go library, which has ready to use token verification methods to integration even easier;

Status

This project is still under heavy development. We've recently deployed a beta version of the gRPC and admin server.

Future plans

  • Two factor authentication
  • OAuth2 provider support

Development

When developing against Authenticator, there is a docker-compose.yml file which sets up a development infrastructure. It start a postgresql instance, runs the neccesary migrations and start the server instances. You can download the Compose file or run this from the root of the repository:

docker compose up
  • The authenticator gRPC server will be served at port 8765.
  • The admin interface will be served at port 1234.

The defaut user is "admin@localhost", password "admin", member of the group "primary" and audience "authenticator".

Protocol buffers

The authenticator server uses gRPC through protocol buffers generation. To regenerate the gRPC definitions, run:

protoc --go_out=plugins=grpc:$(go env GOPATH)/src authenticator.proto

# Packages

No description provided by the author
No description provided by the author
Package middleware provides means of verifying JWTs generated by `cmd/admin`'s login handler or similar mechanisms.
No description provided by the author
Package verify provides middleware for GRPc servers which need to verify JSON Web Tokens generated by this Authenticator service.

# Functions

No description provided by the author
No description provided by the author

# Variables

No description provided by the author

# Structs

No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
UnimplementedAuthenticatorServer can be embedded to have forward compatible implementations.
No description provided by the author
No description provided by the author
UserPassword holds the e-mail of the user and its password.

# Interfaces

AuthenticatorClient is the client API for Authenticator service.
AuthenticatorServer is the server API for Authenticator service.