{"id":21192198,"url":"https://github.com/mu-semtech/login-service","last_synced_at":"2025-07-10T03:31:31.294Z","repository":{"id":30228568,"uuid":"33779666","full_name":"mu-semtech/login-service","owner":"mu-semtech","description":"Login microservice using a triple store in the backend","archived":false,"fork":false,"pushed_at":"2024-08-14T16:42:37.000Z","size":51,"stargazers_count":3,"open_issues_count":3,"forks_count":12,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-04-05T10:22:09.546Z","etag":null,"topics":["authentication","microservice","mu-service","musemtech"],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mu-semtech.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-04-11T14:55:28.000Z","updated_at":"2021-11-30T22:30:21.000Z","dependencies_parsed_at":"2023-02-15T07:32:04.734Z","dependency_job_id":null,"html_url":"https://github.com/mu-semtech/login-service","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/mu-semtech/login-service","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mu-semtech%2Flogin-service","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mu-semtech%2Flogin-service/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mu-semtech%2Flogin-service/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mu-semtech%2Flogin-service/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mu-semtech","download_url":"https://codeload.github.com/mu-semtech/login-service/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mu-semtech%2Flogin-service/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264521187,"owners_count":23622099,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","microservice","mu-service","musemtech"],"created_at":"2024-11-20T19:07:55.512Z","updated_at":"2025-07-10T03:31:26.285Z","avatar_url":"https://github.com/mu-semtech.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Login microservice\nLogin microservice running on [mu.semte.ch](http://mu.semte.ch).\n\n## How-To\n### Add the login service to a stack\nAdd the following snippet to your `docker-compose.yml` to include the login service in your project.\n\n```\nlogin:\n  image: semtech/mu-login-service:3.0.0\n  links:\n    - database:database\n```\n\nThe triplestore used in the backend is linked to the login service container as `database`.\n\nNext, add the following rules in `./config/dispatcher/dispatcher.ex` to dispatch requests to the login service. E.g.\n\n```\n  match \"/sessions/*path\", @any do\n    Proxy.forward conn, path, \"http://login/sessions/\"\n  end\n```\n\nThe host `login` in the forward URL reflects the name of the login service in the `docker-compose.yml` file as defined above.\n\nMore information how to setup a mu.semte.ch project can be found in [mu-project](https://github.com/mu-semtech/mu-project).\n\n## Tutorials\nA tutorial using this repository can be found at https://github.com/mu-semtech/mu-project#adding-authentication-to-your-mu-project\n\n## Reference\n### Configuration\nThe following enviroment variables can be set on the login service:\n\n- **USERS_GRAPH** : graph in which the person and account resources will be stored. E.g. `http://mu.semte.ch/graphs/users`. Defaults to `http://mu.semte.ch/application`.\n- **SESSIONS_GRAPH** : graph in which the session resources will be stored. E.g. `http://mu.semte.ch/graphs/sessions`. Defaults to `http://mu.semte.ch/application`.\n- **MU_APPLICATION_SALT** : strengthen the password hashing by configuring an application wide salt. This salt will be concatenated with a salt generated per user to hash the user passwords. By default the application wide salt is not set. If you configure this salt, make sure to configure the [registration microservice](https://github.com/mu-semtech/registration-service) with the same salt. Setting the salt makes account resources non-shareable with stacks containing a login-service configured with another salt.\n\n### Model\nThis section describes the minimal required model for the login service. These models can be enriched with additional properties and/or relations.\n\nThe graphs is which the resources are stored, can be configured via environment variables.\n\n#### Used prefixes\n| Prefix  | URI                                      |\n|---------|------------------------------------------|\n| mu      | http://mu.semte.ch/vocabularies/core/    |\n| account | http://mu.semte.ch/vocabularies/account/ |\n| session | http://mu.semte.ch/vocabularies/session/ |\n| foaf    | http://xmlns.com/foaf/0.1/               |\n\n#### Accounts\n##### Class\n`foaf:OnlineAccount`\n\n##### Properties\n| Name        | Predicate          | Range           | Definition                                                                                                                            |\n|-------------|--------------------|-----------------|---------------------------------------------------------------------------------------------------------------------------------------|\n| accountName | `foaf:accountName` | `xsd:string`    | Account name / nickname                                                                                                               |\n| password    | `account:password` | `xsd:string`    | Hashed password of the account                                                                                                        |\n| salt        | `account:salt`     | `xsd:string`    | Salt used to hash the password                                                                                                        |\n| status      | `account:status`   | `rdfs:Resource` | Status of the account. Only active (`\u003chttp://mu.semte.ch/vocabularies/account/status/active\u003e`) accounts are taken into account on login. |\n\n#### Sessions\n##### Class\nNone\n\n##### Properties\n| Name    | Predicate         | Range                | Definition                     |\n|---------|-------------------|----------------------|--------------------------------|\n| account | `session:account` | `foaf:OnlineAccount` | Account related to the session |\n\n### API\n#### POST /sessions\nLog in, i.e. create a new session for an account specified by its nickname and password.\n\n##### Request body\n```json\n{\n  \"data\": {\n    \"type\": \"sessions\",\n    \"attributes\": {\n      \"nickname\": \"john_doe\",\n      \"password\": \"secret\"\n    }\n  }\n}\n```\n\n##### Response\n###### 201 Created\nOn successful login with the newly created session in the response body:\n\n```json\n{\n  \"links\": {\n    \"self\": \"sessions/current\"\n  },\n  \"data\": {\n    \"type\": \"sessions\",\n    \"id\": \"b178ba66-206e-4551-b41e-4a46983912c0\",\n    \"relationships\": {\n        \"account\": {\n            \"links\": {\n                \"related\": \"/accounts/f6419af0-c90f-465f-9333-e993c43e6cf2\"\n            },\n            \"data\": {\n                \"type\": \"accounts\",\n                \"id\": \"f6419af0-c90f-465f-9333-e993c43e6cf2\"\n            }\n        }\n    }\n  }\n}\n```\n\n###### 400 Bad Request\n- if session header is missing. The header should be automatically set by the [identifier](https://github.com/mu-semtech/mu-identifier).\n- if combination of nickname and password is incorrect.\n- if account is inactive.\n\n\n\n#### DELETE /sessions/current\nLog out the current user, i.e. remove the session associated with the current user's account.\n\n##### Response\n###### 204 No Content\nOn successful logout\n\n###### 400 Bad Request\nIf session header is missing or invalid. The header should be automatically set by the [identifier](https://github.com/mu-semtech/mu-identifier).\n\n### Releases\n#### v3.0.0\nBreaking changes:\n- Make responses JSON-API compliant by moving `relationships` into `data` object. It has become a child rather than a sibling. \n\n  You may need to change `data.authenticated.relationships.account.data.id` in the frontend to `data.authenticated.data.relationships.account.data.id` in order to consume the response data. \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmu-semtech%2Flogin-service","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmu-semtech%2Flogin-service","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmu-semtech%2Flogin-service/lists"}