jalgoarena/JAlgoArena-Auth

JAlgoArena Auth

JAlgoArena Auth is the core service dedicated to authentication and authorization of JAlgoArena users. It keeps all data in Cockroach DB, and for authorization it uses JWT tokens, which are verified on requests. Initial creation of accounts happens through AJAX requests.

Introduction

  • JAlgoArena Auth allows creating an account, logging in with a username and password, authenticating with a previously received token, or simply retrieving information about JAlgoArena users.
  • On the first run of the service, it creates an admin account with admin as the username, and the password is put into the logs.
  • The Submissions service talks directly to the Auth service to make sure users are authenticated and have the required roles.

Component Diagram

API

Sign up

Create a new user

URL Method
/signup POST
  • Data Params

    User json data passed as request body

    {
      "username": "user1",
      "password": "password1",
      "firstname":"First Name",
      "surname":"Surname",
      "email": "[email protected]",
      "region": "Krakow",
      "team": "TyniecTeam"
    }
  • Success Response:

    As the response you will get user data json filled with assigned id and role

    • Code: 201 CREATED
      Content: {"id":1,"username":"user1","password":"","firstname":"First Name","surname":"Surname","email":"[email protected]","region":"Krakow","team":"TyniecTeam","role":"USER"}
  • Error Response:

    If you try to use a user name or email that is already taken by an existing user, you will get an error response

    • Code: 409 CONFLICT
      Content: { "error": "Registration Error", "message": "User name is already used" }

    OR

    • Code: 409 CONFLICT
      Content: { "error": "Registration Error", "message": "Email is already used" }
  • Sample Call:

    curl --header "Content-Type: application/json" \
         --data '{"username":"user1","password":"password1","firstname":"First Name","surname":"Surname","email":"[email protected]","region":"Krakow","team":"TyniecTeam"}' \
         http://localhost:5003/signup

Get all users

The Users API exposes two kinds of endpoints: public ones, and protected ones which can be accessed only with a token.

The token is generated and returned on successful login.

URL Method
/users GET
  • Success Response:

    Array of users

    • Code: 200
      Content: [{"id":1,"username":"user1","password":"","firstname":"First Name","surname":"Surname","email":"","region":"Krakow","team":"TyniecTeam","role":"USER"}]
  • Sample Call:

    curl http://localhost:5003/users

Log in

Logging in gives you access to the contest platform: the response to the request contains a token which can then be used as your identity token

URL Method
/login POST
  • Data Params

    As part of your request you have to pass login request json

    {
      "username": "user1",
      "password": "password1"
    }
  • Success Response:

    Once you successfully log in, you will get the token in the response, which you may use for accessing protected endpoints

    • Code: 200
      Content: {"token":"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ1c2VyMiIsInNjb3BlcyI6WyJST0xFX1VTRVIiXSwiaXNzIjoiamFsZ29hcmVuYS5jb20iLCJpYXQiOjE1MzI2MDk3OTcsImV4cCI6MTUzNTIwMTc5N30.-6GZNBIOwdpelIHzQ9zzamA-LVGHgxO97aL_5e1uDXBOXmXBr6uRAdgnZxNkOiHSp-Hx115hCkDlYIuDCBeMTw","user":{"id":1,"username":"user1","password":"","firstname":"First Name","surname":"Surname","email":"[email protected]","region":"Krakow","team":"TyniecTeam","role":"USER"}}
  • Error Response:

    In case of wrong credentials access will be forbidden.

    • Code: 403 FORBIDDEN
      Content: {"timestamp":"2018-07-26T12:59:24.523+0000","status":403,"error":"Forbidden","message":"Access Denied","path":"/login"}
  • Sample Call:

    curl --header "Content-Type: application/json" \
         --data '{"username":"user1","password":"password1"}' \
         http://localhost:5003/login

Check session

Checking the session uses the token given during the log in process, which can be used to access the secured platform REST API and to confirm identity

URL Method
/api/user GET
  • Data Params

    As part of your request you have to set required headers

    'Accept': 'application/json',
    'X-Authorization': 'Bearer <token>'
    
  • Success Response:

    Once you successfully check the session, you will get the user data in the response, which is used as your identity

    • Code: 200
      Content: {"id":1,"username":"user1","firstname":"First Name","surname":"Surname","password":"","email":"[email protected]","region":"Krakow","team":"TyniecTeam","role":"USER"}
  • Error Response:

    In case of wrong credentials access will be forbidden.

    • Code: 401 UNAUTHORIZED
      Content: {"timestamp":"2018-07-26T18:24:07.061+0000","status":401,"error":"Unauthorized","message":"Unauthorized","path":"/api/user"}
  • Sample Call:

    curl --header "Content-Type: application/json" \
         --header "X-Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ1c2VyMSIsInNjb3BlcyI6WyJST0xFX1VTRVIiXSwiaXNzIjoiamFsZ29hcmVuYS5jb20iLCJpYXQiOjE1MzI2MjkwNTksImV4cCI6MTUzNTIyMTA1OX0.klPU-g_7hDWw-A5Fr6i0y4pCVPRuOLnHsRV1Y7GKMmxYELNFAeLpsAf1y1JmW-KV8wz0pUztvTgcH2f-BJ6zKA" \
         http://localhost:5003/api/user
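
The tokens in the login response and in the check-session call are HS512-signed JWTs whose payload decodes to sub, scopes, iss, iat and exp. The following added example (not code from the JAlgoArena project) shows the checks a verifier of such a token has to make before trusting the claims; DEMO_KEY, the function names and the sample token are constructed for illustration, since the service's real signing key is not on this page.

```python
import base64, hashlib, hmac, json, time

ISSUER = "jalgoarena.com"           # "iss" claim carried by the sample tokens on this page
DEMO_KEY = b"constructed-demo-key"  # assumption: constructed key, not the service's real one

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def sign(header, claims, key):
    """Build an HS512-signed token; used here only to construct sample input."""
    signing_input = ".".join(b64url_encode(json.dumps(p, separators=(",", ":")).encode())
                             for p in (header, claims))
    mac = hmac.new(key, signing_input.encode(), hashlib.sha512).digest()
    return signing_input + "." + b64url_encode(mac)

def verify(token, key, now=None):
    """Return the claims of a valid token, raise ValueError otherwise."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        sig = b64url_decode(sig_b64)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    # Pin the algorithm server-side; the header must not be allowed to pick it.
    if not isinstance(header, dict) or header.get("alg") != "HS512":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(), hashlib.sha512).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body_b64))  # trusted only after the MAC check
    now = time.time() if now is None else now
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    if not isinstance(claims.get("exp"), (int, float)) or now >= claims["exp"]:
        raise ValueError("expired")
    return claims

def reason(token, key, now):  # "ok" or the rejection reason, for logging and tests
    try:
        verify(token, key, now)
        return "ok"
    except ValueError as exc:
        return str(exc)

# Constructed sample using the same claim names as the page's tokens.
SAMPLE = {"sub": "user1", "scopes": ["ROLE_USER"], "iss": ISSUER, "iat": 1532629059, "exp": 1535221059}
TOKEN = sign({"alg": "HS512"}, SAMPLE, DEMO_KEY)
```

The role travels inside the signed payload, so a verifier that skipped the signature or algorithm check would accept a token whose scopes had been edited by the client.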

Running locally

There are two ways to run it - from sources or from binaries.

Running from binaries

  • go to the releases page and download the latest app package (JAlgoArena-Auth-[version_number].zip)
  • after unpacking it, go to the folder and run ./run.sh (to make it runnable, invoke the command chmod +x run.sh)
  • you can modify the port in the run.sh script, depending on your infrastructure settings. The script itself can be found here: run.sh

Running from sources

  • run git clone https://github.com/spolnik/JAlgoArena-Auth to clone the sources locally
  • now you can build the project with the command ./gradlew clean bootRepackage, which creates a runnable jar package with the app sources. Next, run java -Dserver.port=9999 -jar build/libs/jalgoarena-auth-*.jar, which starts the application
  • there is a second way to run the app with gradle. Instead of the above, you can just run ./gradlew clean bootRun

Notes

Component Diagram