{"id":18425725,"url":"https://github.com/faforever/faf-user-service","last_synced_at":"2026-04-05T20:01:24.801Z","repository":{"id":37962659,"uuid":"326372211","full_name":"FAForever/faf-user-service","owner":"FAForever","description":"FAForever OAuth login backend and user self service tool","archived":false,"fork":false,"pushed_at":"2026-04-04T19:15:39.000Z","size":25428,"stargazers_count":3,"open_issues_count":18,"forks_count":5,"subscribers_count":3,"default_branch":"master","last_synced_at":"2026-04-04T21:06:52.443Z","etag":null,"topics":["backend","kotlin","oauth2","quarkus","vaadin"],"latest_commit_sha":null,"homepage":"","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/FAForever.png","metadata":{"files":{"readme":"README.MD","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"patreon":"faf"}},"created_at":"2021-01-03T09:41:07.000Z","updated_at":"2026-04-04T19:15:17.000Z","dependencies_parsed_at":"2023-10-14T22:14:18.934Z","dependency_job_id":"b245893f-5120-42a8-bd41-4745696f935f","html_url":"https://github.com/FAForever/faf-user-service","commit_stats":null,"previous_names":[],"tags_count":62,"template":false,"template_full_name":null,"purl":"pkg:github/FAForever/faf-user-service","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FAForever%2Ffaf-user-service","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FAForever%2Ffaf-user-service/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FAForever%2Ffaf-user-service/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FAForever%2Ffaf-user-service/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FAForever","download_url":"https://codeload.github.com/FAForever/faf-user-service/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FAForever%2Ffaf-user-service/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31448216,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-05T15:22:31.103Z","status":"ssl_error","status_checked_at":"2026-04-05T15:22:00.205Z","response_time":75,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backend","kotlin","oauth2","quarkus","vaadin"],"created_at":"2024-11-06T05:05:04.165Z","updated_at":"2026-04-05T20:01:24.796Z","avatar_url":"https://github.com/FAForever.png","language":"Kotlin","funding_links":["https://patreon.com/faf"],"categories":[],"sub_categories":[],"readme":"# FAF User Service\n\nThis service aims to cover the domain of login and account management in FAForever:\n* OAuth 2.0 / OIDC login backend for Ory Hydra\n* IRC login for Ergochat\n* User Control Panel with manual login\n\n## Developer information\n\n### Technology stack\n\n- Kotlin\n- Quarkus\n- Hibernate (Panache)\n- Vaadin\n\n### Dependencies\n\nThe FAF user service requires\n* A [MariaDB](https://mariadb.org/) server running a matching version of the [faf-db](https://github.com/FAForever/db). (Latest develop should always work)\n* An [Ory Hydra](https://github.com/ory/hydra) server running in a matching version\n\n### Developer setup\n\nFor local development you need\n* a working Kotlin setup (e.g. install IntelliJ Community and download the required JDK from IntellIJ directly)\n* Docker Compose\n\nSetup all docker dependencies along with test data by simply running:\n```shell\ndocker compose up -d\n```\n\nThis will create an oauth client with client id `faf-client` and redirect url `http://127.0.0.1` and all the db [testdata](https://raw.githubusercontent.com/FAForever/db/refs/heads/develop/test-data.sql)\n\nHint: The docker compose stack is **not** persisting to disk. Deleting containers manually or via `docker compose down` will wipe all data.\n\nOnce the dependencies are running, start the user service with:\n```shell\n./gradlew quarkusDev\n```\n\nTo start a login flow, paste `http://127.0.0.1:4444/oauth2/auth?client_id=faf-client\u0026response_type=code\u0026redirect_uri=http://127.0.0.1\u0026state=random-state-string` in your browser.\n\n\n### Troubleshooting\nIf you have previously set up faf-db in a different container, running `docker compose up -d` will cause conflicts, because port 3306 is already bound. Simply stop the other container first.\n\nQuarkus tries to automatically download and install `node.js` and `npm` if necessary, but this might fail. Install `node.js` and `npm` on your system if you run into this problem.\n\n\n## Architecture considerations\n\n### Yet another FAF API?\n\n1. **Architecture perspective:** The faf-java-api is the FAF swiss army knife. It basically bundles every feature \n   outside of the lobby server protocol. This makes it very complex to maintain and configure. It also causes very high \n   startup times causing unnecessary downtimes on deployments. This does not match our desired architecture.\n   A new microservice focussing on one particular topic (and security is a very important topic which is also hard to get \n   right) simplifies that.\n1. **GDPR and DevOps implications:** Currently FAF runs almost all applications on one server. An admin on that server \n   has access to all personal data. Adding new admins is a large hassle due to GDPR requirements. Due to this many\n   FAF maintainers have no access to their application logs and configuration, which makes fixing bugs etc. much more \n   complicated and adds additional work onto the few admins. This new service might\n   be a first step into moving the whole account management out of the main server.\n1. **Long running perspective:** In a perfect world we would migrate all authorization related stuff into a dedicated \n   (trusted) 3rd party software, so we can't mess up on security.\n\n### Additional goals\n\nGoal | Status\n---- | ------\nUsability improvements by serving translated web pages | :heavy_check_mark:\nMassively reduced startup times and smaller resource footprint by using Quarkus | :heavy_check_mark:\t\nEven less startup times and smaller resource footprint by compiling to native images with GraalVM | :hourglass:\t\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaforever%2Ffaf-user-service","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffaforever%2Ffaf-user-service","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaforever%2Ffaf-user-service/lists"}