Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/hodfords-solutions/nestjs-api-gateway

a powerful and versatile solution for managing and deploying APIs within a distributed and microservices-oriented architecture
https://github.com/hodfords-solutions/nestjs-api-gateway

api-gateway microservice nestjs nodejs

Last synced: 1 day ago
JSON representation

a powerful and versatile solution for managing and deploying APIs within a distributed and microservices-oriented architecture

Host: GitHub
URL: https://github.com/hodfords-solutions/nestjs-api-gateway
Owner: hodfords-solutions
Created: 2024-09-21T11:31:42.000Z (4 months ago)
Default Branch: main
Last Pushed: 2024-12-12T04:09:37.000Z (28 days ago)
Last Synced: 2025-01-01T07:06:53.263Z (8 days ago)
Topics: api-gateway, microservice, nestjs, nodejs
Language: TypeScript
Homepage: https://opensource.hodfords.uk/nestjs-api-gateway
Size: 394 KB
Stars: 44
Watchers: 0
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md

Awesome Lists containing this project

README

        


  



# API Gateway

The API Gateway houses the source code and documentation for the API Gateway - a powerful and versatile solution for managing and deploying APIs within a distributed and microservices-oriented architecture. This repository serves as the central hub for collaboration, version control, and issue tracking related to the development and enhancement of the API Gateway.

## Key Features:

- **Centralized API Management**: The API Gateway streamlines API management by providing a central entry point for client applications. It handles API requests, directs traffic to appropriate microservices, and offers additional functionalities to developers and administrators.

- **Security and Authentication**: Security is paramount, and the API Gateway offers robust authentication and authorization mechanisms to protect APIs from unauthorized access. It supports various authentication protocols, including API keys, JWT.

- **Rate Limiting and Throttling**: To prevent abuse and ensure fair usage, the API Gateway allows administrators to set rate limits and throttling rules. This helps maintain API performance and prevents any single client from overwhelming the system.

- **Logging and Monitoring**: The API Gateway provides comprehensive logging and monitoring capabilities, allowing developers and administrators to gain insights into API usage, performance, and errors in real-time.

- **WebSocket Support**: Beyond traditional RESTful APIs, the API Gateway supports WebSocket communication for real-time interactions and push notifications.

- **Error Handling and Fault Tolerance**: The API Gateway is designed with robust error handling and fault tolerance mechanisms to ensure high availability and reliability.

## Usage

#### Install

```shell

npm install @hodfords/api-gateway

```

#### Configuration

Import the `ApiGatewayModule` and use the `forRoot` method to configure the API Gateway. The `forRoot` method accepts an options object with the following properties:

```typescript

@Module({

    imports: [

        RedisModule.forRoot({

            config: {

                host: env.REDIS.HOST,

                port: env.REDIS.PORT,

                db: env.REDIS.DB

            }

        }), // Required

        ScheduleModule.forRoot(), // Required

        ApiGatewayModule.forRoot({

            apiServices: env.API_SERVICES,

            openApiSecurityKeys: ['auth-user-id'],

            excludeHeaders: ['auth-user-id'],

            throttler: {

                globalRateLimit: 60,

                isEnable: true,

                globalRateLimitTTL: 60

            }

        })

    ],

    controllers: [],

    providers: []

})

export class AppModule {}

```

#### Custom Authentication Header

You can handle the authentication header by creating a custom authentication handler. The `handle` method will be called before the request is processed. The `handle` method accepts the incoming request object and should return a boolean value indicating whether the request is authenticated.

```typescript

@ProxyMiddleware()

export class AuthenticationMiddleware implements ProxyMiddlewareHandler {

    async handle(routerDetail: RouterDetail, request: IncomingMessage, proxyRequest: ProxyRequest): Promise {

        proxyRequest.addHeaders({ 'auth-user-id': '123' });

        return true;

    }

}

```

Similarly, you can create a WebSocket authentication handler by decorating the `@WsProxyMiddleware`. The `handle` method will be called before the request is processed. The `handle` method accepts the incoming request object and should return a boolean value indicating whether the request is authenticated.

```typescript

@WsProxyMiddleware()

export class WsAuthenticationMiddleware implements WsProxyMiddlewareHandler {

    async handle(request: IncomingMessage, proxyRequest: ProxyRequest): Promise {

        proxyRequest.addHeaders({ 'auth-user-id': '123' });

        return true;

    }

}

```

#### Static File

You can create a static file handler by decorating the `@StaticRequestHandler`. The `isStaticRequest` method will be called before the request is processed. The `isStaticRequest` method accepts the incoming request object and should return a boolean value indicating whether the request is for a static file.

```typescript

@ProxyValidation()

export class StaticRequestMiddleware implements ProxyValidationHandler {

    isStaticRequest(request: IncomingMessage): boolean {

        return request.url.includes('/images/') || request.url.includes('/statics/');

    }

}

```

#### Document

API Gateway will aggregate all subservices into one. You can access by the link `http://gateway/documents`

#### Authenticate

API Gateway will process the jwt tokens and remove the token from the header. It will then add a new header key to the request called `auth-user-id`

> To define a request that requires authentication, simply use the decorator `Auth()`. This decorator includes a check header function and a function that adds information to OpenAPI.

> 

> In subservices, getting user information is eliminated. Instead you can just get the userId with decorator `@CurrentUserId() id: string` instead of decorator `@CurrentUser()`

```typescript

@Auth()

index(@CurrentUserId() id: string): string {

    return 'Hello word'

}

```

#### Rate limit

>`ApiRateLimit(limit: number, ttl: number, status?: number)`

> **Parameter:**

> - limit: number of requests

> - ttl: limited time request

> - status: *[optional]* limit requests by status, for example you want to limit the number of failed login attempts in 1 minute to 3 times: `@ApiRateLimit(3, 60, 401)`

```typescript

@ApiRateLimit(5, 60, 200)

@ApiRateLimit(30, 60 * 60, 200)

@ApiRateLimit(3, 60, 401)

index(): string {

    return 'Hello word'

}

```

## Support:

If you encounter any issues, have questions, or need assistance with the API Gateway, please contact the development team

Thank you for using the API Gateway! Happy API management and development!