{"id":29672619,"url":"https://github.com/bravorod/enterprise-api-auth-service","last_synced_at":"2026-04-09T17:50:05.003Z","repository":{"id":250683386,"uuid":"473270675","full_name":"bravorod/enterprise-api-auth-service","owner":"bravorod","description":"Enterprise-grade Node.js REST API with JWT auth, RBAC, health checks \u0026 metrics","archived":false,"fork":false,"pushed_at":"2025-07-11T04:09:46.000Z","size":2261,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-22T21:13:01.088Z","etag":null,"topics":["api-server","api-testing","authentication","authorization","backend-development","bcrypt","cookie-auth","crud","express","http-requests","json-web-token","jwt","middleware","mongodb","mongoose","nodejs","postman","rest-api","secure-api","session-management"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bravorod.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-03-23T16:29:05.000Z","updated_at":"2025-07-11T09:41:19.000Z","dependencies_parsed_at":"2024-07-29T12:47:13.245Z","dependency_job_id":"9eef5c04-84de-43ec-8b47-ecefc0bfc5a0","html_url":"https://github.com/bravorod/enterprise-api-auth-service","commit_stats":null,"previous_names":["rodrigo-bravo/api-backend","bravorod/api-backend","bravorod/secure-api-backend","bravorod/enterprise-api-auth-service"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/bravorod/enterprise-api-auth-service","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bravorod%2Fenterprise-api-auth-service","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bravorod%2Fenterprise-api-auth-service/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bravorod%2Fenterprise-api-auth-service/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bravorod%2Fenterprise-api-auth-service/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bravorod","download_url":"https://codeload.github.com/bravorod/enterprise-api-auth-service/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bravorod%2Fenterprise-api-auth-service/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28133002,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-30T02:00:05.476Z","response_time":64,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-server","api-testing","authentication","authorization","backend-development","bcrypt","cookie-auth","crud","express","http-requests","json-web-token","jwt","middleware","mongodb","mongoose","nodejs","postman","rest-api","secure-api","session-management"],"created_at":"2025-07-22T21:06:41.548Z","updated_at":"2025-12-30T22:06:58.508Z","avatar_url":"https://github.com/bravorod.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n\u003ch1 align=\"center\"\u003e\n  Enterprise API Auth Service\n\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\nNode.js REST API backend with JWT auth, RBAC, health checks, and real-time metrics\n\u003c/p\u003e\n\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/architecture_api.png\" alt=\"Architecture Diagram\" width=\"600\"\u003e\n\u003c/p\u003e\n\n\n\n\n\n## Key Features\n\n- Rate limiting to prevent brute-force attacks\n- Health checks (`/healthz`, `/readyz`) for Kubernetes probes\n- OpenAPI (Swagger) documentation at `/docs`\n- Prometheus metrics endpoint (`/metrics`) for real-time monitoring\n- Full RESTful API with versioning (`/v1/*`, `/v2/*`)\n- JWT-based stateless authentication \u0026 authorization\n- Role-based access control (RBAC) with hierarchical permissions\n- Secure password hashing (bcrypt, argon2)\n- HTTP-only cookies and token refresh endpoints\n- Docker \u0026 Docker Compose for one-command local setup\n- CI/CD examples (GitHub Actions, Jenkins)\n\n\n## Quickstart\n\n```bash\ncp .env.example .env   # configure MONGO_URI, JWT_SECRET, COOKIE_EXPIRE_DAYS, RATE_LIMIT\ndocker-compose up --build -d\n```\n\n### Authentication Flow\n\n```bash\n# Register a user\ncurl -X POST http://localhost:5000/v1/auth/register \\\n     -H 'Content-Type: application/json' \\\n     -d '{\"email\":\"email@example.com\",\"password\":\"P@ssw0rd\"}'\n\n# Login and capture token\nTOKEN=$(curl -s -X POST http://localhost:5000/v1/auth/login \\\n    -H 'Content-Type: application/json' \\\n    -d '{\"email\":\"email@example.com\",\"password\":\"P@ssw0rd\"}' \\\n    | jq -r .token)\n\n# Access protected resource\ncurl -H \"Authorization: Bearer $TOKEN\" http://localhost:5000/v1/data/profile\n```\n\n## Security \u0026 Compliance\n* Passwords hashed with bcrypt (12+ rounds) or argon2\n\n* JWT signed with 256-bit secret; configurable expiration\n\n* CSRF protection via double-submit cookie\n\n* Rate limiting: default 100 requests/min per IP\n\n* Audit logs for login attempts and role changes\n\n* Data encryption at rest (MongoDB encryption) and in transit (TLS/HTTPS)\n\n## Performance \u0026 Monitoring\n* Expose Prometheus metrics: response times, error rates, request counts\n\n* Grafana dashboards pre-configured under monitoring/\n\n* Stress-test results: average RPS, 95th-percentile latencies\n\n* Kubernetes HPA sample spec for auto-scaling\n\n## Deployment\n\n### Kubernetes\nHelm chart available under charts/ with prod and staging values.\n\n### Docker Compose\n```yaml\nversion: '3.8'\nservices:\n  auth-service:\n    build: .\n    ports: ['5000:5000']\n    env_file: [.env]\n  mongo:\n    image: mongo:5.0\n    volumes: [mongo-data:/data/db]\n  prometheus:\n    image: prom/prometheus\n    volumes: ['./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml']\n  grafana:\n    image: grafana/grafana\n    ports: ['3000:3000']\nvolumes:\n  mongo-data:\n```\n\n## Advanced Configuration\n* Multi-tenant support via TENANT_ID header parsing\n\n* GraphQL gateway option at /graphql (Apollo Server)\n\n* Dynamic CORS origin whitelist in config.js\n\n* Custom middleware hooks for logging or tracing\n\n\n## Contributing\n\n* OAuth2 / OpenID Connect support\n\n* Grafana rate-limit dashboards\n\n* Redis token blacklisting store\n\n## License\nMIT License © Rodrigo Bravo\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbravorod%2Fenterprise-api-auth-service","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbravorod%2Fenterprise-api-auth-service","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbravorod%2Fenterprise-api-auth-service/lists"}