https://github.com/festivals-app/festivals-identity-server

Exposing the FestivalsIdentityAPI providing authorization and authentication functions to the FestivalsApp project.
https://github.com/festivals-app/festivals-identity-server

authentication authorization golang jwt mysql

Last synced: 5 months ago
JSON representation

Exposing the FestivalsIdentityAPI providing authorization and authentication functions to the FestivalsApp project.

• Host: GitHub
• URL: https://github.com/festivals-app/festivals-identity-server
• Owner: Festivals-App
• License: lgpl-3.0
• Created: 2020-11-10T11:43:07.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2025-04-13T22:21:40.000Z (about 1 year ago)
• Last Synced: 2025-04-13T22:27:25.198Z (about 1 year ago)
• Topics: authentication, authorization, golang, jwt, mysql
• Language: Go
• Homepage:
• Size: 210 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Authors: AUTHORS

Awesome Lists containing this project

README

          


   

   

   

   

   

   





  



    FestivalsApp Identity Server

  





A lightweight Go server application providing the [FestivalsIdentityAPI](DOCUMENTATION.md), a RESTful API that handles

all authentication and authorization needs for FestivalsApp components.

![Figure 1: Architecture Overview Highlighted](https://github.com/Festivals-App/festivals-documentation/blob/main/images/architecture/export/architecture_overview_identity.svg "Figure 1: Architecture Overview Highlighted")





  Development •

  Deployment •

  Engage





The FestivalsApp backend is secured using three different mechanisms to ensure both secure communication and controlled access:

1. **Mutual TLS (mTLS)** – Every party must have a valid client certificate issued by the FestivalsApp Root CA

  to establish secure communication with other services. This prevents unauthorized access at the transport layer.

  For more details, refer to the [festivals-pki](https://github.com/Festivals-App/festivals-pki) repository.  

2. **API Keys** – Required for accessing read-only parts of the FestivalsAPI. These keys provide a simple way

  to authenticate services and users that do not require full access.

3. **JSON Web Tokens (JWTs)** – Used for all other interactions. JWTs enable role-based access control (RBAC),

  ensuring users are authorized to access specific functions based on their assigned roles and also implement

  resource access based on user identity. The system verifies JWTs on every request to enforce access restrictions dynamically.

In addition to these mechanisms, the backend enforces strict firewall rules and network segmentation

to minimize exposure to unauthorized access.

## Development

The FestivalsApp Identity Server follows a modular structure for clarity and maintainability. The `database` directory

for managing the database, while `auth` handles core authentication logic, `server` manages API routes and middleware

and `operation` documents deployment and environment. GitHub Actions are in `.github`, and `.vscode` provides recommended

settings. The entry point is main.go, with dependencies in go.mod and go.sum.

Refer to [FestivalsIdentityAPI Documentation](DOCUMENTATION.md) for details on available endpoints.

### Requirements

- [Golang](https://go.dev/) Version 1.24.1+

- [Visual Studio Code](https://code.visualstudio.com/download) 1.99.2+

  - Plugin recommendations are managed via [workspace recommendations](https://code.visualstudio.com/docs/editor/extension-marketplace#_recommended-extensions).

- [Bash script](https://en.wikipedia.org/wiki/Bash_(Unix_shell)) friendly environment

## Deployment

The Go binaries are able to run without system dependencies so there are not many requirements for the system

to run the festivals-identity-server binary, just follow the [**deployment guide**](./operation/DEPLOYMENT.md) for

deploying it inside a virtual machine or the [**local deployment guide**](./operation/local/README.md) for

running it on your macOS developer machine.

## Engage

I welcome every contribution, whether it is a pull request or a fixed typo. The best place to discuss questions

and suggestions regarding the festivals-identity-server is the [issues](https://github.com/festivals-app/festivals-identity-server/issues/) section.

More general information and a good starting point if you want to get involved is

the [festival-documentation](https://github.com/Festivals-App/festivals-documentation) repository.

The following channels are available for discussions, feedback, and support requests:

| Type                     | Channel                                                |

| ------------------------ | ------------------------------------------------------ |

| **General Discussion**   |     |

| **Other Requests**    |    |

### Licensing

Copyright (c) 2020-2025 Simon Gaus. Licensed under the [**GNU Lesser General Public License v3.0**](./LICENSE)