README
¶
Users service
Users service provides an HTTP API for managing users. Through this API clients are able to do the following actions:
- register new accounts
- obtain access tokens
- verify access tokens
For in-depth explanation of the aforementioned scenarios, as well as thorough understanding of Mainflux, please check out the official documentation.
Configuration
The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values.
| Variable | Description | Default |
|---|---|---|
| MF_USERS_LOG_LEVEL | Log level for Users (debug, info, warn, error) | error |
| MF_USERS_DB_HOST | Database host address | localhost |
| MF_USERS_DB_PORT | Database host port | 5432 |
| MF_USERS_DB_USER | Database user | mainflux |
| MF_USERS_DB_PASSWORD | Database password | mainflux |
| MF_USERS_DB | Name of the database used by the service | users |
| MF_USERS_DB_SSL_MODE | Database connection SSL mode (disable, require, verify-ca, verify-full) | disable |
| MF_USERS_DB_SSL_CERT | Path to the PEM encoded certificate file | |
| MF_USERS_DB_SSL_KEY | Path to the PEM encoded key file | |
| MF_USERS_DB_SSL_ROOT_CERT | Path to the PEM encoded root certificate file | |
| MF_USERS_HTTP_PORT | Users service HTTP port | 8180 |
| MF_USERS_GRPC_PORT | Users service gRPC port | 8181 |
| MF_USERS_SERVER_CERT | Path to server certificate in pem format | |
| MF_USERS_SERVER_KEY | Path to server key in pem format | |
| MF_USERS_SECRET | String used for signing tokens | users |
| MF_JAEGER_URL | Jaeger server URL | localhost:6831 |
Deployment
The service itself is distributed as Docker container. The following snippet provides a compose file template that can be used to deploy the service container locally:
version: "2"
services:
users:
image: mainflux/users:[version]
container_name: [instance name]
ports:
- [host machine port]:[configured HTTP port]
environment:
MF_USERS_LOG_LEVEL: [Users log level]
MF_USERS_DB_HOST: [Database host address]
MF_USERS_DB_PORT: [Database host port]
MF_USERS_DB_USER: [Database user]
MF_USERS_DB_PASS: [Database password]
MF_USERS_DB: [Name of the database used by the service]
MF_USERS_DB_SSL_MODE: [SSL mode to connect to the database with]
MF_USERS_DB_SSL_CERT: [Path to the PEM encoded certificate file]
MF_USERS_DB_SSL_KEY: [Path to the PEM encoded key file]
MF_USERS_DB_SSL_ROOT_CERT: [Path to the PEM encoded root certificate file]
MF_USERS_HTTP_PORT: [Service HTTP port]
MF_USERS_GRPC_PORT: [Service gRPC port]
MF_USERS_SECRET: [String used for signing tokens]
MF_USERS_SERVER_CERT: [String path to server certificate in pem format]
MF_USERS_SERVER_KEY: [String path to server key in pem format]
MF_JAEGER_URL: [Jaeger server URL]
To start the service outside of the container, execute the following shell script:
# download the latest version of the service
go get github.com/mainflux/mainflux
cd $GOPATH/src/github.com/mainflux/mainflux
# compile the service
make users
# copy binary to bin
make install
# set the environment variables and run the service
MF_USERS_LOG_LEVEL=[Users log level] MF_USERS_DB_HOST=[Database host address] MF_USERS_DB_PORT=[Database host port] MF_USERS_DB_USER=[Database user] MF_USERS_DB_PASS=[Database password] MF_USERS_DB=[Name of the database used by the service] MF_USERS_DB_SSL_MODE=[SSL mode to connect to the database with] MF_USERS_DB_SSL_CERT=[Path to the PEM encoded certificate file] MF_USERS_DB_SSL_KEY=[Path to the PEM encoded key file] MF_USERS_DB_SSL_ROOT_CERT=[Path to the PEM encoded root certificate file] MF_USERS_HTTP_PORT=[Service HTTP port] MF_USERS_GRPC_PORT=[Service gRPC port] MF_USERS_SECRET=[String used for signing tokens] MF_USERS_SERVER_CERT=[Path to server certificate] MF_USERS_SERVER_KEY=[Path to server key] MF_JAEGER_URL=[Jaeger server URL] $GOBIN/mainflux-users
Usage
For more information about service capabilities and its usage, please check out the API documentation.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrConflict indicates usage of the existing email during account // registration. ErrConflict = errors.New("email already taken") // ErrMalformedEntity indicates malformed entity specification (e.g. // invalid username or password). ErrMalformedEntity = errors.New("malformed entity specification") // when accessing a protected resource. ErrUnauthorizedAccess = errors.New("missing or invalid credentials provided") // ErrNotFound indicates a non-existent entity request. ErrNotFound = errors.New("non-existent entity") )
Functions ¶
This section is empty.
Types ¶
type Hasher ¶
type Hasher interface {
// Hash generates the hashed string from plain-text.
Hash(string) (string, error)
// Compare compares plain-text version to the hashed one. An error should
// indicate failed comparison.
Compare(string, string) error
}
Hasher specifies an API for generating hashes of an arbitrary textual content.
type IdentityProvider ¶
type IdentityProvider interface {
// TemporaryKey generates the temporary access token.
TemporaryKey(string) (string, error)
// Identity extracts the entity identifier given its secret key.
Identity(string) (string, error)
}
IdentityProvider specifies an API for identity management via security tokens.
type Service ¶
type Service interface {
// Register creates new user account. In case of the failed registration, a
// non-nil error value is returned.
Register(context.Context, User) error
// Login authenticates the user given its credentials. Successful
// authentication generates new access token. Failed invocations are
// identified by the non-nil error values in the response.
Login(context.Context, User) (string, error)
// Identify validates user's token. If token is valid, user's id
// is returned. If token is invalid, or invocation failed for some
// other reason, non-nil error values are returned in response.
Identify(string) (string, error)
}
Service specifies an API that must be fullfiled by the domain service implementation, and all of its decorators (e.g. logging & metrics).
func New ¶
func New(users UserRepository, hasher Hasher, idp IdentityProvider) Service
New instantiates the users service implementation.
type User ¶
User represents a Mainflux user account. Each user is identified given its email and password.
type UserRepository ¶
type UserRepository interface {
// Save persists the user account. A non-nil error is returned to indicate
// operation failure.
Save(context.Context, User) error
// RetrieveByID retrieves user by its unique identifier (i.e. email).
RetrieveByID(context.Context, string) (User, error)
}
UserRepository specifies an account persistence API.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package api contains API-related concerns: endpoint definitions, middlewares and all resource representations.
|
Package api contains API-related concerns: endpoint definitions, middlewares and all resource representations. |
|
grpc
Package grpc contains implementation of users service gRPC API.
|
Package grpc contains implementation of users service gRPC API. |
|
http
Package http contains implementation of users service HTTP API.
|
Package http contains implementation of users service HTTP API. |
|
Package bcrypt provides a hasher implementation utilising bcrypt.
|
Package bcrypt provides a hasher implementation utilising bcrypt. |
|
Package jwt provides a JWT identity provider.
|
Package jwt provides a JWT identity provider. |
|
Package postgres contains repository implementations using PostgreSQL as the underlying database.
|
Package postgres contains repository implementations using PostgreSQL as the underlying database. |
|
Package tracing contains middlewares that will add spans to existing traces.
|
Package tracing contains middlewares that will add spans to existing traces. |
Click to show internal directories.
Click to hide internal directories.