Skip to content

Latest commit

 

History

History
76 lines (52 loc) · 2.68 KB

README.md

File metadata and controls

76 lines (52 loc) · 2.68 KB
Raw

Auth Service (Work in Progress)

Git Commit Git Releases Npm Version NPM Vulnerabilities CircleCI

Mojaloop central AuthZ + AuthN service. Currently for FIDO implementation in a Mojaloop switch.

Overview

Setup

Clone repo

git clone [email protected]:mojaloop/AuthService.git

Improve local DNS resolver

Add the 127.0.0.1 auth-service.local entry in your /etc/hosts so the auth-service is reachable on http://auth-service.local:4004. Elsewhere use http://localhost:4004

Install service dependencies

cd auth-service
npm ci

Run local dockerized auth-service

npm run docker:build
npm run docker:run

To check the auth-service health visit http://auth-service.local:4004/health

Run locally with database in docker-compose

docker-compose up -d mysql
npm run migrate
npm run start

Updating the OpenApi (Swagger) Spec

We use multi-file-swagger to make our swagger files more manageable.

After making changes to the .yaml files in ./src/interface/, update the swagger.json file like so:

    npm run build:openapi

Note: We will likely want to move to swagger 3.0 at some point, and once we do, we will be able to use the common api snippets library to factor out common Mojaloop snippets. Keep track of #352 - Update to OpenAPI v3

Auditing Dependencies

We use audit-ci along with npm audit to check dependencies for node vulnerabilities, and keep track of resolved dependencies with an audit-ci.jsonc file.

To start a new resolution process, run:

npm run audit:fix

You can then check to see if the CI will pass based on the current dependencies with:

npm run audit:check

The audit-ci.jsonc contains any audit-exceptions that cannot be fixed to ensure that CircleCI will build correctly.