Passwords Microservice
This is a password authentication microservice from Pip.Services library.
- Sets user passwords and authenticate
- Safely change passwords
- Reset and recover passwords via emails
The microservice currently supports the following deployment options:
- Deployment platforms: Standalone Process, Seneca
- External APIs: HTTP/REST, Seneca
- Persistence: Flat Files, MongoDB
This microservice has optional dependencies on the following microservices:
- pip-services-activities - to log user activities
- pip-services-email - to send email notifications to users
- Download Links
- Development Guide
- Configuration Guide
- Deployment Guide
- Client SDKs
- Communication Protocols
Contract
Logical contract of the microservice is presented below. For physical implementation (HTTP/REST), please, refer to documentation of the specific protocol.
class UserPasswordV1 implements IStringIdentifiable {
/* Identification */
String id;
String password;
/* Password management */
DateTime change_time;
bool locked;
DateTime lock_time;
num fail_count;
DateTime fail_time;
String rec_code;
DateTime rec_expire_time;
/* Custom fields */
dynamic custom_hdr;
dynamic custom_dat;
}
class UserPasswordInfoV1 implements IStringIdentifiable {
String id;
DateTime change_time;
bool locked;
DateTime lock_time;
}
abstract class IPasswordsV1 {
Future<UserPasswordInfoV1> getPasswordInfo(
String? correlationId, String userId);
Future validatePassword(String? correlationId, String password);
Future setPassword(String? correlationId, String userId, String password);
Future<String> setTempPassword(String? correlationId, String userId);
Future deletePassword(String? correlationId, String userId);
Future<bool> authenticate(
String? correlationId, String userId, String password);
Future changePassword(String? correlationId, String userId, String oldPassword,
String newPassword);
Future<bool> validateCode(String? correlationId, String userId, String code);
Future resetPassword(
String? correlationId, String userId, String code, String password);
Future recoverPassword(String? correlationId, String userId);
}
Download
Right now the only way to get the microservice is to check it out directly from github repository
git clone git@github.com:pip-services-users/pip-services-passwords-dart.git
Pip.Service team is working to implement packaging and make stable releases available for your as zip downloadable archieves.
Run
Add config.yaml file to the root of the microservice folder and set configuration parameters.
Example of microservice configuration
---
# Container descriptor
- descriptor: "pip-services:context-info:default:default:1.0"
name: "pip-services-passwords"
description: "Passwords microservice for pip-services"
# Console logger
- descriptor: "pip-services:logger:console:default:1.0"
level: "trace"
# Performance counters that posts values to log
- descriptor: "pip-services:counters:log:default:1.0"
level: "trace"
{{#MEMORY_ENABLED}}
# In-memory persistence. Use only for testing!
- descriptor: "pip-services-passwords:persistence:memory:default:1.0"
{{/MEMORY_ENABLED}}
{{#FILE_ENABLED}}
# File persistence. Use it for testing of for simple standalone deployments
- descriptor: "pip-services-passwords:persistence:file:default:1.0"
path: {{FILE_PATH}}{{^FILE_PATH}}"./data/passwords.json"{{/FILE_PATH}}
{{/FILE_ENABLED}}
{{#MONGO_ENABLED}}
# MongoDB Persistence
- descriptor: "pip-services-passwords:persistence:mongodb:default:1.0"
collection: {{MONGO_COLLECTION}}{{^MONGO_COLLECTION}}passwords{{/MONGO_COLLECTION}}
connection:
uri: {{{MONGO_SERVICE_URI}}}
host: {{{MONGO_SERVICE_HOST}}}{{^MONGO_SERVICE_HOST}}localhost{{/MONGO_SERVICE_HOST}}
port: {{MONGO_SERVICE_PORT}}{{^MONGO_SERVICE_PORT}}27017{{/MONGO_SERVICE_PORT}}
database: {{MONGO_DB}}{{#^MONGO_DB}}app{{/^MONGO_DB}}
credential:
username: {{MONGO_USER}}
password: {{MONGO_PASS}}
{{/MONGO_ENABLED}}
{{^MEMORY_ENABLED}}{{^FILE_ENABLED}}{{^MONGO_ENABLED}}
# Default in-memory persistence
- descriptor: "pip-services-passwords:persistence:memory:default:1.0"
{{/MONGO_ENABLED}}{{/FILE_ENABLED}}{{/MEMORY_ENABLED}}
# Default controller
- descriptor: "pip-services-passwords:controller:default:default:1.0"
# Common HTTP endpoint
- descriptor: "pip-services:endpoint:http:default:1.0"
connection:
protocol: "http"
host: "0.0.0.0"
port: 8080
# HTTP endpoint version 1.0
- descriptor: "pip-services-passwords:service:http:default:1.0"
# Heartbeat service
- descriptor: "pip-services:heartbeat-service:http:default:1.0"
# Status service
- descriptor: "pip-services:status-service:http:default:1.0"
For more information on the microservice configuration see Configuration Guide.
Start the microservice using the command:
dart ./bin/run.dart
Use
The easiest way to work with the microservice is to use client SDK. The complete list of available client SDKs for different languages is listed in the Quick Links
If you use dart, then get references to the required libraries:
- Pip.Services3.Commons : https://github.com/pip-services3-dart/pip-services3-commons-dart
- Pip.Services3.Rpc: https://github.com/pip-services3-dart/pip-services3-rpc-dart
Add pip-services3-commons-dart, pip-services3-rpc-dart and pip-services_passwords packages
import 'package:pip_services3_commons/pip_services3_commons.dart';
import 'package:pip_services3_rpc/pip_services3_rpc.dart';
import 'package:pip_services_passwords/pip_services_passwords.dart';
Define client configuration parameters that match the configuration of the microservice's external API
// Client configuration
var httpConfig = ConfigParams.fromTuples(
"connection.protocol", "http",
"connection.host", "localhost",
"connection.port", 8080
);
Instantiate the client and open connection to the microservice
// Create the client instance
var client = PasswordsHttpClientV1(config);
// Configure the client
client.configure(httpConfig);
// Connect to the microservice
try{
await client.open(null)
}catch() {
// Error handling...
}
// Work with the microservice
// ...
Now the client is ready to perform operations
// Create a new password
final USER_PWD = UserPasswordV1(id: '1', password: 'password123');
// Create the password
try {
await client.setPassword('123', USER_PWD.id, USER_PWD.password);
// Do something with the returned password...
} catch(err) {
// Error handling...
}
// Authenticated
try {
var authenticated =
await controller.authenticate(null, USER_PWD.id, 'password123');
// Do something with authentication...
} catch(err) { // Error handling}
Acknowledgements
This microservice was created and currently maintained by
- Sergey Seroukhov
- Nuzhnykh Egor.