This is opinionated boilerplate code that aims to meet the requirements set out by our technical architecture team. Anyone is welcome to contribute!
Main objective
- 1. Create a Plug and Play Identity Microservice that follows industry security standards. (OAuth 2.0, JWT)
- 2. One command deployment. (Infrastructure & Application Code)
Features
- Sign Up
- Local Login
- Social Login
- Logout
- Password Reset
- Account Verification (Email & Phone Numbers)
- SSO using JWT
- Authorization using OAuth 2.0
- Integration/E2E Testing
- Granular User Permissions
- Granular API Protection
- One command deployment
- Passport (Various Strategies)
- Aurora Serverless with Data API
- AWS Pinpoint (SMS & Email)
- AWS Lambda
- API Gateway
- Express
- Serverless Framework
- TypeORM
- TSOA
- Jest
- Swagger
Warning: Although using the code is absolutely free, the AWS resources required to run the microservice aren't. A full deployment of the solution will cost you money.
- You need an AWS account
- You need a domain registered using Route53 in the same AWS account.
- We recommend using a subdomain for each microservice you create: api.yourdomain.co.za as opposed to yourdomain.co.za/api. This keeps the certificates and domains of each microservice isolated.
- Install Serverless globally
npm install -g serverless
- Install all packages
npm install
- Configure your serverless to use the correct AWS profile
serverless config credentials --provider aws --key <YOURKEY> --secret <YOURSECRET> --profile <PROFILENAME>
- Create and configure your local and test env files inside your environments folder.
Filenames
- .env.local
- .env.test
AWS_ACCESS_KEY_ID=<YOUR KEY>
AWS_SECRET_ACCESS_KEY=<YOUR_SECRET>
AWS_PROFILE=<AWS_PROFILE_NAME>
ADMIN_PASSWORD=<ANY_PASSWORD>
HOSTED_ZONE_ID=<ROUTE_53_HOSTED_ZONE_ID>
GOOGLE_CLIENT_ID=<YOUR_GOOGLE_CLIENT_ID>
GOOGLE_CLIENT_SECRET=<YOUR_GOOGLE_CLIENT_SECRET>
FACEBOOK_CLIENT_ID=<YOUR_FACEBOOK_CLIENT_ID>
FACEBOOK_CLIENT_SECRET=<YOUR_FACEBOOK_CLIENT_SECRET>
- Uses node and nodemon (Rapid Development)
npm run dev
- Uses serverless offline (AWS Simulate)
npm run offline
npm run deploy:dev
npm run deploy:uat
npm run deploy:prod
npm run destroy:dev
npm run destroy:uat
npm run destroy:prod
Note: Lambda cold starts affect the initial load time of the Swagger UI interface.
Note: Initial deployments can take up to 40 min. This is because certificates need to be validated and DNS needs to propagate. You can fast-track the process by logging into the console and creating the DNS records from the ACM section in the N. Virginia region.
- AWS (API Gateway, Lambda, ACM & Route53) - Full Featured
- Docker Container running Node.js - No Auto Domain Setup
- Linux Server/Windows Server running Node.js - No Auto Domain Setup
See the architecture below
npm run test
- Up Code Coverage on Facebook & Google flows
- Review & Clean up Docs Architecture folder
- Code Clean up
- Up code coverage on passport strategies
- How-To Video
- 1.0.0 Beta
- BCX Exa Team
- We would appreciate any contribution from the community