Auth Service

Database

Two tables have been added to the database: Users & Tokens.

Users table is an example, it can be changed to add more information about users. Anyway, the fields id, username, password and role must ❗NOT❗ be removed.

Users

Property	Description
`id`	Default UUID id
`username`	Username of the user (Must be Unique)
`password`	Crypted password in SHA256
`role`	Role of the user for authorization
`age`	Optional information about the user

Tokens

Property	Description
`id`	Default UUID id
`token`	Token generated by JWT
`userId`	The UUID id from the User table

Actions

login

Login function. It will first check if the username exists, then if the password is correct. If so, a token is generated, stored in the database and returned to the user.

Tokens are used for logged user, avoiding them to reconnect everytime. It needs to be placed in header of your HTTP request, like so: Bearer sdfgSDFgsdRDGsgrsRDG345.sdf-sddf

When the token is generated by JWT, it uses a private key, that you need to define:

const JWT_SECRET = "TOP SECRET!!!";

Property	Type	Description
`username`	`String`	Username of the user
`password`	`String`	Password of the user

verifyPassword

It is recommended to NOT put it as a direct HTTP request action in the API, but as an internal action.

The function verify if the user exist, and if the password checks out.

Property	Type	Description
`username`	`String`	Username of the user
`password`	`String`	Password of the user

verifyToken

Double check if the given token is valid (by a JWT function), and if it is stored in the database.

Property	Type	Description
`token`	`String`	Token corresponding to a logged user

countSessions

❗Need a user to be logged❗

Counts the number of open sessions (tokens) the user has.

closeAllSessions

❗Need a user to be logged❗

Close all the open sessions of the user, including the one he is using. Internally remove all the tokens linked to his account.

logout

❗Need a user to be logged❗

Close the current session of the user, removing the current token from the database.

Moleculer logo

Home
Features
Install
Usage
Database Functions
- Constructor
  - constructor
- Operations
  - find
  - findOne
  - findById
  - count
  - insert
  - insertMany
  - updateById
  - updateMany
  - removeById
  - removeMany
  - removeAll
Database Errors
- Errors handling
- Errors handling (from service)
Account Management

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Auth Service

Auth Service

Database

Users

Tokens

Actions

login

verifyPassword

verifyToken

countSessions

closeAllSessions

logout

Clone this wiki locally