microapidev / auth-microapi Goto Github PK
View Code? Open in Web Editor NEWA microapi to allow easy integration of authentication into your service
Home Page: https://authentication-microapi.herokuapp.com/
License: MIT License
A microapi to allow easy integration of authentication into your service
Home Page: https://authentication-microapi.herokuapp.com/
License: MIT License
Describe the bug
Bug report from Slack post
To Reproduce the bug
Steps to reproduce the behavior:
POST /api/admin/register
POST /api/admin/getkey
POST /api/user/register
POST /api/user/password/reset
PATCH /api/user/password/{token}
password is not encrypted upon change, thus server tries to decrypt a clear text password, leading to login failure
How do you intend to solve this bug?
use mongoose pre
hooks for findOneAndUpdate
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Is your feature request related to a problem? Please describe.
Different authentication routes for users
Describe how to intend to go about adding this feature
Use express routers
Additional context
Add any other context or screenshots about the feature request here.
The current implementation depends on the authentication providers API credentials that are stored internally. The user cannot enter their own credentials, provided to them when they registered with an authentication provider, to use with the authentication API.
For example, a user should be able to go to the Google API console and create credentials for use by the authentication MicroAPI. Passing the credentials to the authentication MicroAPI will enable Google as an active social sign in/up option. Then users can then use the endpoints (e.g. /api/auth/google
) we expose to use the social sign in/up.
User Story 1: As a user, I would like to be able to select which authentication provider to activate for my specific use case.
Currently Available Authentication Providers:
User Story 2: As a user, I would like to be able to provide the credentials for my selected authentication providers' (e.g. Github Client ID and Secret) to the API during registration or an update any other time after.
{
key: string,
secret: string
}
{
appId: string,
appSecret: string
}
{
clientId: string,
clientSecret: string
}
{
clientId: string,
clientSecret: string
}
{ googleEnabled: true }
)./api/auth/google
)Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Describe the bug
The error is "ESLint: Failed to load config "airbnb-base" to extend from"
.This happens because the package "eslint-config-airbnb-base"
has not yet been installed yet we have the line extends: ['airbnb-base']
To Reproduce the bug
Steps to reproduce the behavior:
Open the .eslintrc.js file,you'll see the error stated above immidiately.
Screenshots
How do you intend to solve this bug?
Install airbnb-base manually by doing npm instll --save-dev eslint-config-airbnb-base
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
Is your feature request related to a problem? Please describe.
Phone is needed for potential OTP
Describe how to intend to go about adding this feature
Redefine the User Schema to accomodate the new parameters. Write tests to ensure admin user registration route works
Additional context
None.
Describe the bug
Unclear documentation
To Reproduce the bug
Steps to reproduce the behavior:
Screenshots
If applicable, add screenshots to help explain your problem.
How do you intend to solve this bug?
Describe in clear and concise manner how you intend to approach fixing this bug.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Give brief description of what documentation changes were made.
Use Swagger to create an open Api Documentation page
Is your feature request related to a problem? Please describe.
Users with unverified email shouldn't have access to login
Describe how to intend to go about adding this feature
Using a middleware function in login route
Additional context
none
###Rewrote documentation on how to use and contribute to repo.###
Is your feature request related to a problem? Please describe.
To make the onboarding process faster
Describe how to intend to go about adding this feature
Refactor code that allows for verification of admin users
Additional context
none
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Not found route handler
The route will take care of every route that returns 404 status code
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Brief description of tasks and objectives
There is not validation or sanitization going for any request, untrusted inputs are just fed to the database. This can lead to security problems like remote script execution and injection.
Additional resources for context
Acceptance criteria to qualify for completion
I will like to implement this
slack username: @Simeon979
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
Secure routes for admin user to login and sign up users
Describe how to intend to go about adding this feature
Create middleware that authorizes users before request is passed to route
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
Provide user with easier means of authentication using social auth.
Describe how to intend to go about adding this feature
Additional context
None
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
A logout route for login user out from the app, can't perform any action unless he login again, and active user route for retrieving current or active user that's login
Describe the bug
Linting errors caused by poor code style
To Reproduce the bug
Steps to reproduce the behavior:
npm install
npm run lint
Screenshots
If applicable, add screenshots to help explain your problem.
How do you intend to solve this bug?
By refactoring the codebase to allow for eslint applicable style
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
Is your feature request related to a problem? Please describe.
To confirm the person signing up is not a robot or scammer there is need to confirm the user email address before letting the person carryout core activities on the platform this API will be used.
Describe how to intend to go about adding this feature
The pseudocode goes thus:
Additional context
This request is 1 of 3 that will handle the email verification.
We can talk about the others later.
Describe the bug
A clear and concise description of what the bug is.
To Reproduce the bug
Steps to reproduce the behavior:
Screenshots
If applicable, add screenshots to help explain your problem.
How do you intend to solve this bug?
Describe in clear and concise manner how you intend to approach fixing this bug.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
Fixing register route*
Fixing login route
Fixing active user route
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Describe the bug
Response messaging. Use the format as described here https://docs.google.com/document/d/1YpMTCfLHFV-o9gwxovViF0GVJMHzPbhSvKGenPIEARk/edit
To Reproduce the bug
Steps to reproduce the behavior:
Screenshots
If applicable, add screenshots to help explain your problem.
How do you intend to solve this bug?
Describe in clear and concise manner how you intend to approach fixing this bug.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
Is your feature request related to a problem? Please describe.
Api users with role admin should be authenticated via different routes to get API_KEY
Describe how to intend to go about adding this feature
Rename user routes to adminUser routes for easy differentiation.
Additional context
none
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
Guest users should be associated with their respective admins/platforms.
Describe how to intend to go about adding this feature
This can be achieved by passing admin JWT with each guest user request.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Describe the bug
the route says that res.status is not a function.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A long text of error shows up
Is your feature request related to a problem? Please describe.
Users should be identified before allowing access to api
Describe how to intend to go about adding this feature
Create a middleware for routing where user authorization is needed
Additional context
None
Is your feature request related to a problem? Please describe.
The Session Management utility has no real need to be configured externally from Passport. Since some Passport strategies already manage the user session in their implementation of user authentication, I think it'll be wise to configure a passport-local strategy to follow suite and fully replace Session Management.
Describe how to intend to go about adding this feature
Additional context
None
Is your feature request related to a problem? Please describe.
Provide user with easier means of authentication using social auth.
Describe how to intend to go about adding this feature
Use passport module or its equivalent
Additional context
None
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
User Registers or logs in via Github
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
When a user visits a route that returns 404 status code, that's page does not belong to the app or page not found and it's will break the app.
Describe how to intend to go about adding this feature
I created an error handler middleware that will trigger any time and unknown routes visited and also any error that may occur like server error, Mongo error, and so on will be handle. And that also prevent my app to break
Additional context
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Login route for signing in user with his/her credentials that's already available in the DB
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
Yes. User account needs be confirmed
Describe how to intend to go about adding this feature
Additional context
This is the second part to Email Verification. Third part can be implemented after the Signin api is tested and working fine.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
An admin user should have a specific database to work with on their registered platform.
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
A Mongo database needs to be provided for use. You'll also need to link the adminUser object schema to the created collection.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Register route for creating new user in the DB
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe how to intend to go about adding this feature
Describe the approach you will take in adding this feature.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
Additional context
This includes 3 features:
Is your feature request related to a problem? Please describe.
Customize errors to prevent 500: Internal Server Error being returned
Describe how to intend to go about adding this feature
Create errors that inherit from Error object
Additional context
Errors will be used in response messages where they are needed e.g ValidationError, JsonWebTokenError e.t.c
Is your feature request related to a problem? Please describe.
Required documentation for web page
Describe how to intend to go about adding this feature
Add a view for documentation which would be linked to home page route
Describe the bug
Route not implemented
To Reproduce the bug
Steps to reproduce the behavior:
Screenshots
If applicable, add screenshots to help explain your problem.
How do you intend to solve this bug?
Describe in clear and concise manner how you intend to approach fixing this bug.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.