Pip.Services Logo
Passwords Microservice

This is a password authentication microservice from Pip.Services library.

  • Sets user passwords and authenticate
  • Safely change passwords
  • Reset and recover passwords via emails

The microservice currently supports the following deployment options:

  • Deployment platforms: Standalone Process, Seneca
  • External APIs: HTTP/REST, Seneca
  • Persistence: Flat Files, MongoDB

This microservice has optional dependencies on the following microservices:

Quick Links:


Logical contract of the microservice is presented below. For physical implementation (HTTP/REST), please, refer to documentation of the specific protocol.

class UserPasswordV1 implements IStringIdentifiable {
  /* Identification */
  String id;
  String password;

  /* Password management */
  DateTime change_time;
  bool locked;
  DateTime lock_time;
  num fail_count;
  DateTime fail_time;
  String rec_code;
  DateTime rec_expire_time;

  /* Custom fields */
  dynamic custom_hdr;
  dynamic custom_dat;

class UserPasswordInfoV1 implements IStringIdentifiable {
  String id;
  DateTime change_time;
  bool locked;
  DateTime lock_time;

abstract class IPasswordsV1 {
  Future<UserPasswordInfoV1> getPasswordInfo(
      String? correlationId, String userId);

  Future validatePassword(String? correlationId, String password);

  Future setPassword(String? correlationId, String userId, String password);

  Future<String> setTempPassword(String? correlationId, String userId);

  Future deletePassword(String? correlationId, String userId);

  Future<bool> authenticate(
      String? correlationId, String userId, String password);

  Future changePassword(String? correlationId, String userId, String oldPassword,
      String newPassword);

  Future<bool> validateCode(String? correlationId, String userId, String code);

  Future resetPassword(
      String? correlationId, String userId, String code, String password);

  Future recoverPassword(String? correlationId, String userId);


Right now the only way to get the microservice is to check it out directly from github repository

git clone git@github.com:pip-services-users/pip-services-passwords-dart.git

Pip.Service team is working to implement packaging and make stable releases available for your as zip downloadable archieves.


Add config.yaml file to the root of the microservice folder and set configuration parameters.

Example of microservice configuration

# Container descriptor
- descriptor: "pip-services:context-info:default:default:1.0"
  name: "pip-services-passwords"
  description: "Passwords microservice for pip-services"

# Console logger
- descriptor: "pip-services:logger:console:default:1.0"
  level: "trace"

# Performance counters that posts values to log
- descriptor: "pip-services:counters:log:default:1.0"
  level: "trace"

# In-memory persistence. Use only for testing!
- descriptor: "pip-services-passwords:persistence:memory:default:1.0"

# File persistence. Use it for testing of for simple standalone deployments
- descriptor: "pip-services-passwords:persistence:file:default:1.0"
  path: {{FILE_PATH}}{{^FILE_PATH}}"./data/passwords.json"{{/FILE_PATH}}

# MongoDB Persistence
- descriptor: "pip-services-passwords:persistence:mongodb:default:1.0"
    uri: {{{MONGO_SERVICE_URI}}}
    database: {{MONGO_DB}}{{#^MONGO_DB}}app{{/^MONGO_DB}}
    username: {{MONGO_USER}}
    password: {{MONGO_PASS}}

# Default in-memory persistence
- descriptor: "pip-services-passwords:persistence:memory:default:1.0"

# Default controller
- descriptor: "pip-services-passwords:controller:default:default:1.0"

# Common HTTP endpoint
- descriptor: "pip-services:endpoint:http:default:1.0"
    protocol: "http"
    host: ""
    port: 8080

# HTTP endpoint version 1.0
- descriptor: "pip-services-passwords:service:http:default:1.0"

# Heartbeat service
- descriptor: "pip-services:heartbeat-service:http:default:1.0"

# Status service
- descriptor: "pip-services:status-service:http:default:1.0"

For more information on the microservice configuration see Configuration Guide.

Start the microservice using the command:

dart ./bin/run.dart


The easiest way to work with the microservice is to use client SDK. The complete list of available client SDKs for different languages is listed in the Quick Links

If you use dart, then get references to the required libraries:

Add pip-services3-commons-dart, pip-services3-rpc-dart and pip-services_passwords packages

import 'package:pip_services3_commons/pip_services3_commons.dart';
import 'package:pip_services3_rpc/pip_services3_rpc.dart';

import 'package:pip_services_passwords/pip_services_passwords.dart';

Define client configuration parameters that match the configuration of the microservice's external API

// Client configuration
var httpConfig = ConfigParams.fromTuples(
	"connection.protocol", "http",
	"connection.host", "localhost",
	"connection.port", 8080

Instantiate the client and open connection to the microservice

// Create the client instance
var client = PasswordsHttpClientV1(config);

// Configure the client

// Connect to the microservice
  await client.open(null)
}catch() {
  // Error handling...
// Work with the microservice
// ...

Now the client is ready to perform operations

// Create a new password
final USER_PWD = UserPasswordV1(id: '1', password: 'password123');

    // Create the password
    try {
      await client.setPassword('123', USER_PWD.id, USER_PWD.password);
      // Do something with the returned password...
    } catch(err) {
      // Error handling...     
// Authenticated
try {
var authenticated =
          await controller.authenticate(null, USER_PWD.id, 'password123');
    // Do something with authentication...

    } catch(err) { // Error handling}


This microservice was created and currently maintained by

  • Sergey Seroukhov
  • Nuzhnykh Egor.