Authentication service
- Supports HTTP/2 and gRPC protocols.
- PostgreSQL database with sqlc for type-safe queries.
- Redis queue for background tasks.
π Table of Contents
π Overview
A Golang authentication service API, supporting both HTTP/2 and gRPC protocols.
The service is designed to provide user authentication and authorization features,
including user registration, login, and email verification.
The service is built
using a PostgreSQL database with sqlc for type-safe queries and a Redis queue for background tasks.
πΎ Features
- User Registration: Register a new user with a unique email, username, and password.
- Email Verification: Sends a verification email to a user's email address. User creation will rollback if verification email fails to send (using transactional queries with callbacks)
- User Login: Authenticate a user with a valid email and password.
- User Update: Update a user's profile information, including their email, username, and password.
π Project Structure
βββ auth/
βββ db
β βββ migration
β βββ query
β βββ sqlc
βββ doc
β βββ db.dbml
β βββ statik
β βββ swagger
βββ gapi
β βββ authorization.go
β βββ converter.go
β βββ error.go
β βββ logger.go
β βββ metadata.go
β βββ rpc_create_user.go
β βββ rpc_login_user.go
β βββ rpc_update_user.go
β βββ rpc_verify_email.go
β βββ server.go
βββ go.mod
βββ go.sum
βββ main.go
βββ makefile
βββ pb
β βββ rpc_create_user.pb.go
β βββ rpc_login_user.pb.go
β βββ rpc_update_user.pb.go
β βββ rpc_verify_email.pb.go
β βββ service_auth.pb.go
β βββ service_auth.pb.gw.go
β βββ service_auth_grpc.pb.go
β βββ user.pb.go
βββ proto
β βββ google
β βββ protoc-gen-openapiv2
β βββ rpc_create_user.proto
β βββ rpc_login_user.proto
β βββ rpc_update_user.proto
β βββ rpc_verify_email.proto
β βββ service_auth.proto
β βββ user.proto
βββ sqlc.yaml
βββ token
β βββ jwt_maker.go
β βββ maker.go
β βββ paseto_asym_maker.go
β βββ paseto_maker.go
β βββ payload.go
β βββ jwt_maker_test.go
β βββ paseto_asym_maker_test.go
β βββ paseto_test.go
βββ util
β βββ config.go
β βββ password.go
β βββ random.go
βββ val
β βββ validator.go
βββ worker
βββ distributor.go
βββ logger.go
βββ processor.go
βββ task_send_verify_email.go
π Project Index
AUTH/
__root__
| makefile |
β― makefile with commands for local development |
| main.go |
β― Main entry point for API service |
| go.mod |
β― Go mod file |
| go.sum |
β― Go sum file |
| sqlc.yaml |
β― Sqlc V2 configuration file |
worker
| processor.go |
β― Task processor for Redis queue - picks up tasks from the queue to process and run them |
| task_send_verify_email.go |
β― Redis queue task for sending out the verification email to new users |
| logger.go |
β― Logger for the Redis queue |
| distributor.go |
β― Redis task distributor interface - distributes the tasks into appropriate queues |
proto
protoc-gen-openapiv2
options
google
api
doc
| db.dbml |
β― Database markup version of the database schema |
statik
| statik.go |
β― Serves static swagger specification page |
swagger
gapi
| metadata.go |
β― Helper to capture metadata of gRPC gateway requests |
| logger.go |
β― Logger file for gRPC & HTTP requests |
| authorization.go |
β― Validates token format for incoming authorized calls |
| rpc_update_user.go |
β― Function that is called to update a user record when the api endpoint is invoked |
| rpc_verify_email.go |
β― Function that is called to verify a new users email when the api endpoint is invoked |
| error.go |
β― Helper to handle generic errors (invalid request params, unauthorized calls) |
| rpc_login_user.go |
β― Function that is called to log a user into their account when the api endpoint is invoked |
| converter.go |
β― Helper to sanitize User database objects from sensitive data (like password) |
| rpc_create_user.go |
β― Function that is called to create a new user account when the api endpoint is invoked |
| server.go |
β― Initializes a new Server to run |
val
| validator.go |
β― Helper to validate string format for email, names, passwords, etc... |
pb
util
db
sqlc
| models.go |
β― Code generated by sqlc |
| db.go |
β― Code generated by sqlc |
| verify_email.sql.go |
β― Code generated by sqlc |
| user.sql.go |
β― Code generated by sqlc |
| querier.go |
β― Code generated by sqlc |
| tx_verify_email.go |
β― Transactional write to the database to update user records across tables when email is verified |
| store.go |
β― SQLStore provides all functions to execute db queries and transactions. Also used to Mock DB for tests |
| tx_create_user.go |
β― Transactional write that creates a user in the database. This transaction has a callback that executes only when the database write is successful. We use this call back to send out the verification email upon sign up |
| sessions.sql.go |
β― Code generated by sqlc |
query
| user.sql |
β― Queries & annotations pertaining to users for sqlc to generate application database code |
| sessions.sql |
β― Queries & annotations pertaining to sessions for sqlc to generate application database code |
| verify_email.sql |
β― Queries & annotations pertaining to verifying emails for sqlc to generate application database code |
migration
π Getting Started
βοΈ Prerequisites
Before getting started with auth, ensure your runtime environment meets the following requirements:
- Programming Language: Go
- Package Manager: Go modules
- Containerization: Docker
βοΈ Installation
Install auth using the following methods:
- Clone the auth repository:
β― git clone https://github.com/fsobh/auth
- Navigate to the project directory:
β― cd auth
- Install the project dependencies:
Using go modules Β 
β― go mod tidy
π€ Usage
Steps 1 and 2 are essential for the service to run
-
Update app.env with your environment variables
| Name |
Description |
| PASETO_PRIVATE_KEY |
private key (Paseto V2) |
| PASETO_PUBLIC_KEY |
public key (Paseto V2) |
| SES_FROM_EMAIL |
Verified AWS SES email address |
-
Update the .env file with your AWS account credentials
| Name |
Description |
| AWS_ACCESS_KEY_ID |
AWS IAM access key |
| AWS_SECRET_ACCESS_KEY |
AWS IAM secret key |
| AWS_DEFAULT_REGION |
AWS region |
-
Run the following command to start the service:
β― docker compose up
π Project Roadmap
-
Task 1: Authentication + sessions.
-
Task 2: Add unit tests.
-
Task 3: Upgrade db driver from lib/pq to pgx/v5.
-
Task 4: Add RBAC.
-
Task 5: Add OAuth2 support.
-
Task 6: Add Github actions to auto deploy.
π° Contributing
Contributing Guidelines
- Fork the Repository: Start by forking the project repository to your github account.
- Clone Locally: Clone the forked repository to your local machine using a git client.
git clone https://github.com/fsobh/auth
- Create a New Branch: Always work on a new branch, giving it a descriptive name.
git checkout -b new-feature-x
- Make Your Changes: Develop and test your changes locally.
- Commit Your Changes: Commit with a clear message describing your updates.
git commit -m 'Implemented new feature x.'
- Push to github: Push the changes to your forked repository.
git push origin new-feature-x
- Submit a Pull Request: Create a PR against the original project repository. Clearly describe the changes and their motivations.
- Review: Once your PR is reviewed and approved, it will be merged into the main branch. Congratulations on your contribution!
Contributor Graph
π License
- This project is licensed under the MIT License. See the LICENSE file for details.
π Acknowledgments
README
ΒΆ
Documentation
ΒΆ
Source Files
Directories