# simple-auth A little web server providing JWT token for auth user. ## Build ```bash cargo build --release ``` ## Configuration ### Store The store represents the credentials. For now, this a `.txt` file with plain passwords. You have to create one like: ```txt # acts as a comment (only on a start line) : ``` **WARN**: the file should have a chmod to **600**. ### RSA key pair creation The server uses **RS384** signature algorithm (asymmetric). You have to create a private key to sign the token and a public key for the validation: ```bash openssl genrsa -out priv.pem 2048 openssl rsa -in priv.pem -outform PEM -pubout -out pub.pem ``` **WARN**: those files must be readable be the server user. ### INI file To start the server correctly, you need to create an `.ini` file as below: ```ini [server] url = : [store] path = [jwt] issuer = private_key = public_key = expiration_time = 2 # in hours ``` ## Run ```bash ./simple-auth curl http://:/get/ -d '{"username":"", "password":""}' # should returned {"token":"

.."} curl http://:/validate/ -d '{"token":"

.."}' # should returned (if valid) {"valid":"true"} ``` ## Test ### unit tests ```bash cargo test ``` ### integration tests * do the **configuration** step for your env tests * set the following env variables: ```bash export SIMPLE_AUTH_URL="http://:" export SIMPLE_AUTH_PUB_KEY="" # DO NOT USE THE ONE IN PRODUCTION ! ``` * run the server (if no one is running remotly) * run curl tests ```bash cd tests/bash/ ./curling.bash && echo "passed" ``` * run python requests tests ```bash # create a python venv cd tests/python python3 -m venv venv source venv/bin/activate # intall the requirements pip install -r requirements # launch the tests python -m unittest ``` ## Documentation ```bash # add the '--open' arg to open the doc on a browser cargo doc --no-deps ```