annams

ANNAMS

Authentication && Authorization MicroService created for container-based deployments.

• Authentication
• Authorisation
• MicroService

Documentation Index

• Configuring Annams
• Deploying Annams
• REST-ful API
• GraphQL API
• Contributing

Annams Elsewhere

• on CodeClimate @ https://codeclimate.com/github/zephinzer/annams
• on DockerHub @ https://hub.docker.com/r/zephinzer/annams/
• on GitHub @ https://github.com/zephinzer/annams
• on NPM @ https://www.npmjs.com/package/annams
• on Travis @ https://travis-ci.org/zephinzer/annams/

About ANNAMS

Authentication

Authentication is the process of knowing who a user is. Annams provides for the following methods of authenticating a user:

• Email/password
• Username/password
• One-Time-Email
• Via Facebook
• Via Google

To keep Annams stateless, we utilise JSON Web Tokens (JWTs) which are signed using asymmetric keys.

Authorization

Authorization is the process of restricting access to content a user may access. Annams allows you to create Resource Types, Groups, and Accounts.

• Resource Types are atomic and can be assigned one or more Groups.
• Groups can be assigned one or more Accounts.
• Accounts belonging to a Group that has access to a Resource Type will be able to access the Resource Type, otherwise, access can be denied.

MicroService

Annams was created for deployment as part of a larger microservice architecture and accounts for both intra-network communications with other microservices, as well as communication with a client-side application. We implement the following features:

• Basic HTTP header security
• GZIP compressed responses
• Metrics collection/exposing (via Prometheus)
• Liveness Checks
• Readiness Checks
• Cross-Origin-Resource-Sharing (CORS)
• MicroServices compatible logging (via Pino)
• Containerisable (via Docker)
• Traceability (via Zipkin)
• Support for Consumer Driven Contract (CDC) Testing (via Wiremock)
• Virtual Machine Deployment Support (via PM2)
• Container Deployment Support (via Docker)
• Container Deployment Support (via Kubernetes)
• REST-ful API

Future Development

The following are on the roadmap for future development:

• HTTP/2 Compatibility
• GraphQL API
• Administrator Frontend

Architecture Notes

Primary Technologies

• Shell Scripting
• JavaScript (ES2017)
• Docker
• Kubernetes

Significant Frameworks/Libraries/Tools

• App Framework : Express
• API Framework : Swagger
• Service Logger : Pino
• Request Logger : Morgan
• Query Builder : Knex
• Object Relational Mapper : Objection.js
• Test Framework : Mocha
• Assertion Library : Chai
• Test Coverage : NYC
• Code Quality Checker : ESLint
• Vulnerability Assessment : NSP
• Metrics : Prometheus
• Request Tracing : Zipkin
• Consumer Driven Contract Testing : Wiremock
• Container Bundling : Docker
• Continuous Integration : Travis
• Deployment : PM2 Docker, Kubernetes
• Releases : NPM, GitHub, DockerHub

Third Party Services

• Code Climate for code quality
• DockerHub for container image hosting
• Travis for continuous integration/delivery

License

Annams is licensed under the GPLv3 license.

Authentication && Authorization MicroService (ANNAMS)

Copyright (C) 2018 Joseph Matthias Goh (@zephinzer)

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/.

Cheers

(please contribute!)