Add Authentification

README.md

@@ -2,13 +2,15 @@
 
 # moleculer-mysql-template
 
-Moleculer template for creating a web api, with a remote MySQL database.
+Moleculer template for creating a secure web api, with a remote MySQL database, and a default account management.
 
 **This template is based on [moleculer](https://github.com/moleculerjs/moleculer), using:**
 - [moleculer-web](https://github.com/moleculerjs/moleculer-web)
 - [moleculer-db](https://github.com/moleculerjs/moleculer-db)
 - [sequelize](https://github.com/sequelize/sequelize)
 - [mysql2](https://github.com/sidorares/node-mysql2)
+- [password-hash](https://github.com/davidwood/node-password-hash)
+- [JSON Web Token](https://github.com/auth0/node-jsonwebtoken) (JWT)
 
 # Description
 
@@ -23,6 +25,11 @@ For now the actions are very limited, but when understanding the adapter, you ca
 - Create your own services (just be sure to keep the configuration described in [Usage](https://github.com/AGenson/moleculer-mysql-template/wiki/Usage))
 - Change API routes to your own purpose (*cf - [moleculer-web](https://github.com/moleculerjs/moleculer-web)* for more details)
 
+**New**
+- Securing the API with an authentification process (password / tokens)
+- Create, manage or delete user accounts
+- ADMIN priviledge management
+
 ---
 
 # Features
@@ -32,6 +39,11 @@ For now the actions are very limited, but when understanding the adapter, you ca
 - Multi-table management (one service can do operations on several tables of the database)
 - Formatting answers from requests ( Responses / Errors )
 
+**New Features**
+- Authentification of http request
+- Default user account management
+- Securing of accounts with hashed password and tokens management
+
 ---
 
 # Install
@@ -145,7 +157,7 @@ getAll: {
 
 ---
 
-# Functions
+# Database Management Functions
 Functions are all detailed [HERE](https://github.com/AGenson/moleculer-mysql-template/wiki/Functions)
 ## Constructor
 | Property | Type             | Default      | Description                                      |
@@ -169,7 +181,7 @@ All operations on a table
 
 ---
 
-# Errors
+# Database Errors
 
 ## Errors handling
 Each operation functions return the wanted information, with a **specific format** (name, message, data).
@@ -186,3 +198,7 @@ The adapter will manage the format of the response, as described in functions or
 But you do not especially want your client to see all those formatted responses. So here is an implementation of what could be a modulable solution.
 
 See details [HERE](https://github.com/AGenson/moleculer-mysql-template/wiki/Errors-handling-(from-service))
+
+---
+
+# Account & Priviledge Management Functions

index.js

@@ -15,8 +15,9 @@ DatabaseServices.forEach( (service) => {
 
 
 
-broker.start().then(() => {
-	broker.repl();
-
-	console.log("Server started");
-});
+broker.start()
+	.then( () => {
+		broker.repl();
+		broker.call("users.createAdminIfNotExists")
+			.then( () => console.log("Server started"));
+	});

package.json

@@ -1,7 +1,7 @@
 {
   "name": "moleculer-mysql-template",
-  "version": "1.0.0",
-  "description": "Moleculer-MySQL project",
+  "version": "2.0.0",
+  "description": "Moleculer-MySQL Adapter with authentication",
   "private": true,
   "scripts": {
     "start": "node ./index.js"
@@ -10,7 +10,9 @@
     "microservices",
     "moleculer",
     "moleculer-web",
-    "mysql"
+    "mysql",
+    "jsonwebtoken",
+    "authentication"
   ],
   "repository": {
     "type": "git",
@@ -22,11 +24,13 @@
     "moleculer-repl": "^0.3.0"
   },
   "dependencies": {
+    "jsonwebtoken": "^8.2.1",
     "moleculer": "^0.11.0",
     "moleculer-db": "^0.7.0",
     "moleculer-db-adapter-sequelize": "^0.1.5",
     "moleculer-web": "^0.6.0",
-    "mysql2": "^1.5.2"
+    "mysql2": "^1.5.2",
+    "password-hash": "^1.2.2"
   },
   "engines": {
     "node": ">= 6.x.x"

src/fixtures/database_template/database.config.js

@@ -1,8 +1,8 @@
 
 module.exports = {
-	host: "mysql.example.host",
+	host: "den1.mysql4.gear.host",
 	port: "3306", // Default for mysql => 3306
-	database: "db_example",
-	username: "db_user",
-	password: "db_password"
+	database: "bddtest",
+	username: "bddtest",
+	password: "N8aM_HDHmG"
 }

src/fixtures/database_template/models/TokenModel.js

@@ -0,0 +1,32 @@
+"use strict";
+
+const Sequelize = require("sequelize");
+
+// For more information about Sequelize Data Types :
+// http://docs.sequelizejs.com/manual/tutorial/models-definition.html#data-types
+
+
+
+module.exports = {
+	name: "token",
+	define: {
+		id: { // id must always exist
+			type: Sequelize.UUID, // Uses uuidv4 by default (default value is recommended)
+			primaryKey: true,
+			defaultValue: Sequelize.UUIDV4
+		},
+
+		token: {
+			type: Sequelize.TEXT,
+			allowNull: false
+		},
+
+		userId: {
+			type: Sequelize.UUID,
+			allowNull: false
+		}
+	},
+	options: {
+		timestamps: false
+	}
+};

src/fixtures/database_template/models/UserModel.js

@@ -0,0 +1,44 @@
+"use strict";
+
+const Sequelize = require("sequelize");
+
+// For more information about Sequelize Data Types :
+// http://docs.sequelizejs.com/manual/tutorial/models-definition.html#data-types
+
+
+
+module.exports = {
+	name: "user",
+	define: {
+		id: { // id must always exist
+			type: Sequelize.UUID, // Uses uuidv4 by default (default value is recommended)
+			primaryKey: true,
+			defaultValue: Sequelize.UUIDV4
+		},
+
+		username: {
+			type: Sequelize.STRING(20),
+			allowNull: false,
+			unique: true
+		},
+
+		password: {
+			type: Sequelize.TEXT,
+			allowNull: false
+		},
+
+		age: {
+			type: Sequelize.INTEGER,
+			allowNull: true
+		},
+
+		role: {
+			type: Sequelize.STRING(10),
+			allowNull: false,
+			defaultValue: "USER"
+		}
+	},
+	options: {
+		timestamps: false
+	}
+};

src/fixtures/database_template/models/index.js

@@ -1,9 +1,13 @@
+const UserModel = require("./UserModel");
+const TokenModel = require("./TokenModel");
 const Table1Model = require("./Table1Model");
 const Table2Model = require("./Table2Model");
 
 
 
 module.exports = {
+	User: UserModel,
+	Token: TokenModel,
 	Table1: Table1Model,
 	Table2: Table2Model
 };