Prototype - Authentication service
Authentication REST API service that uses Redis for a token whitelist.
Setup
Dependencies
- Docker
- Node v4.2.2
Install
- Clone the repository
    $ git clone https://github.com/logikaljay/prototype-auth-service
    Cloning into 'prototype-auth-service'...
    remote: Counting objects: 145, done.
    remote: Compressing objects: 100% , done.
    remote: Total 145 , reused 0 , pack-reused 62
    Receiving objects: 100% , 22.83 KiB | 0 bytes/s, done.
    Resolving deltas: 100% , done.
    Checking connectivity... done.
- Change directory into the cloned repository
    $ cd prototype-auth-service
- Install node dependencies
    $ npm install
- Start redis docker container
    $ ./scripts/start-redis.sh
    Unable to find image 'redis:latest' locally
    latest: Pulling from library/redis
    c950d63587be: Pull complete
    ...
    983055d62ddd: Pull complete
    Digest: sha256:4db2d14088d8bf21d9541010fdbca78697bd9dd51010728f50ee8f7893321367
    Status: Downloaded newer image
- Run tests
    $ npm test
    > prototype-auth-service@0.0.0-semantic-release test /home/user/prototype-auth-service
    > lab
    Hapi listening on http://127.0.0.1:8080
    ......
    6 tests complete
    Test duration: 72 ms
    No global variable leaks detected
- Start service
    $ npm start
    > prototype-auth-service@0.0.0-semantic-release start /home/user/prototype-auth-service
    > node index
    Hapi listening on http://127.0.0.1:8080
Endpoints
- GET / - return list of active tokens
- POST / - log in
- DELETE / - log out
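What a token whitelist adds over verifying a token on its own, as an added example that is not the project's code: an in-memory Map stands in for Redis, and the token format, the secret and all function names are assumptions made for illustration.

```javascript
'use strict';
const crypto = require('crypto');

const SECRET = 'constructed-demo-secret'; // constructed value, never a real key
const whitelist = new Map();              // stand-in for Redis: jti -> { userid, exp }

const sign = (body) =>
  crypto.createHmac('sha256', SECRET).update(body).digest('base64url');

// Log in: mint a signed token and record its id in the whitelist.
function issue(userid, ttlMs, now) {
  const claims = { userid, jti: crypto.randomBytes(8).toString('hex'), exp: now + ttlMs };
  const body = Buffer.from(JSON.stringify(claims)).toString('base64url');
  whitelist.set(claims.jti, { userid, exp: claims.exp });
  return body + '.' + sign(body);
}

// Signature and expiry only. No store lookup, so a logged-out token still passes.
function verifySignatureOnly(token, now) {
  const parts = String(token).split('.');
  if (parts.length !== 2) return null;
  const given = Buffer.from(parts[1]);
  const expected = Buffer.from(sign(parts[0]));
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
  return claims.exp > now ? claims : null;
}

// Full check: signature, expiry, caller-supplied userid, and whitelist membership.
function validate(userid, token, now) {
  const claims = verifySignatureOnly(token, now);
  if (!claims || claims.userid !== userid) return false;
  const entry = whitelist.get(claims.jti);
  return entry !== undefined && entry.userid === userid && entry.exp > now;
}

// Log out: remove the token id, which is what makes revocation immediate.
function revoke(token, now) {
  const claims = verifySignatureOnly(token, now);
  return claims ? whitelist.delete(claims.jti) : false;
}

// Stand-alone demo with constructed values.
const demoToken = issue('63c233d2', 60000, 0);
revoke(demoToken, 1);
console.log('whitelist check:', validate('63c233d2', demoToken, 2));          // false
console.log('signature only :', verifySignatureOnly(demoToken, 2) !== null);  // true
```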
Usage
Get a token
$ curl -X "POST" http://localhost:8080/ -H "Content-Type: application/json" -d '{"userName": "some.fake@user.co", "password": "password1" }'
Output
List all tokens
$ curl -X "GET" http://localhost:8080/ -H "Content-Type: application/json" -H "Authorization: Bearer TOKEN"
Output
Delete/revoke a token
$ curl -X "DELETE" http://localhost:8080/ -H "Content-Type: application/json" -H "Authorization: Bearer TOKEN"
Output
Validate a token
$ curl -X "POST" http://localhost:8080/validate -H "Content-Type: application/json" -d '{ "userid": "63c233d2", "token": "TOKEN" }'
Output
Validate a token (Less secure, but much faster)
$ curl -X "DELETE" http://localhost:8080/secure -H "Content-Type: application/json" -H "Authorization: Bearer TOKEN"
Output
Benchmarks
- Benchmark run on a Late 2013 MacBook Pro 2.3 GHz i7 with 16 GB of RAM
    $ cd scripts
    $ ./ab-session.sh 10000 -c 130
  Output
    Server Software:
    Server Hostname: 127.0.0.1
    Server Port: 8080
    Document Path: /
    Document Length: 270 bytes
    Concurrency Level: 130
    Time taken for tests: 9.288 seconds
    Complete requests: 10000
    Failed requests: 0
    Total transferred: 4380000 bytes
    Total body sent: 1960000
    HTML transferred: 2700000 bytes
    Requests per second: 1076.70 [#/sec] (mean)
    Time per request: 120.739 [ms] (mean)
    Time per request: 0.929 [ms] (mean, across all concurrent requests)
    Transfer rate: 460.54 [Kbytes/sec] received
                   206.09 kb/s sent
                   666.63 kb/s total
- Benchmark run on an AMD Phenom 965 3.4 GHz with 32 GB of RAM
    $ cd scripts
    $ ./ab-session.sh 10000 -c 650
  Output
    Server Software:
    Server Hostname: 127.0.0.1
    Server Port: 8080
    Document Path: /
    Document Length: 270 bytes
    Concurrency Level: 650
    Time taken
TODO
- Integrate with data layer to persist tokens
- Check data layer when token does not exist in whitelist
- Revoke all tokens