simple-auth/README.md

# simple-auth

A little web server providing JWT token for auth user.

## Build
```bash
cargo build --release
```

## Configuration

### Store
The store represents the credentials. For now, this a `.txt` file with plain passwords. You have to create one like:
```txt
# acts as a comment (only on a start line)
<username>:<password>
```
**WARN**: the file should have a chmod to **600**.

### RSA key pair creation
The server uses **RS384** signature algorithm (asymmetric). You have to create a private key to sign the token and a public key for the validation:
```bash
openssl genrsa -out priv.pem 2048
openssl rsa -in priv.pem -outform PEM -pubout -out pub.pem
```
**WARN**: those files must be readable be the server user.

### INI file
To start the server correctly, you need to create an `.ini` file as below:
```ini
[server]
url = <ip>:<port>

[store]
path = <store_path>

[jwt]
issuer = <issuer.fr>
private_key = <priv_key_path> 
public_key = <pub_key_path>
expiration_time = 2 # in hours
```

## Run
```bash
./simple-auth <ini_path>

curl http://<ip>:<port>/get/ -d '{"username":"<user>", "password":"<password>"}'
# should returned
{"token":"<header>.<payload>.<signature>"}
```

## Test

### unit tests
```bash
cargo test
```

### integration tests
* run the server locally or remotly (the URL must be changed if needed in `curling.bash` and `test_requests.py`)
* run curl tests
```bash
cd tests/bash/
./curling.bash && echo "passed"
```
* run python requests tests
```bash
# create a python venv
cd tests/python
python3 -m venv venv
source venv/bin/activate

# intall the requirements
pip install -r requirements

# launch the tests
python -m unitest
```

## Documentation
```bash
# add the '--open' arg to open the doc on a browser
cargo doc --no-deps
```