https://github.com/robert076/auth-service

A standalone microservice that implements authorization using a PostgreSQL database and implemented in Go. Plug and play your own db (uses strategy pattern, easily scalable).
https://github.com/robert076/auth-service

api authentication bcrypt golang microservice rest-api scalable strategy-design-pattern

Last synced: 3 months ago
JSON representation

A standalone microservice that implements authorization using a PostgreSQL database and implemented in Go. Plug and play your own db (uses strategy pattern, easily scalable).

• Host: GitHub
• URL: https://github.com/robert076/auth-service
• Owner: Robert076
• License: apache-2.0
• Created: 2025-06-12T16:42:19.000Z (7 months ago)
• Default Branch: main
• Last Pushed: 2025-07-02T06:23:44.000Z (7 months ago)
• Last Synced: 2025-07-02T07:23:41.214Z (7 months ago)
• Topics: api, authentication, bcrypt, golang, microservice, rest-api, scalable, strategy-design-pattern
• Language: Go
• Homepage:
• Size: 59.6 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# 🔐 auth-service

A standalone microservice that implements authorization using a PostgreSQL database and implemented in Go.

Just clone the repo and run it on your machine, plug in your database and just have fun with it.

If you have a different users table please do modify the register DTO to include everything you need. Apart from that you can easily change the db type since it's using the strategy pattern making adjusting the db easy.

## ✍🏻 Diagram



---

## 🚀 Run command

```bash

docker compose up --build

```

### ⚙️ Example .env file

```

ENDPOINT_PORT=5656

DB_TYPE=postgres

DB_HOST=postgres-service

POSTGRES_USER=admin

POSTGRES_PASSWORD=admin

DB_PORT=5432

POSTGRES_NAME=authservicedb

DB_SSLMODE=disable

ENVIRONMENT=PRODUCTION

```

## 💻 How it works

Make a `POST` request to the `/register` endpoint with the corresponding body (check the register dto) and the account gets created

Make a `POST` request to the `/login` endpoint with email and password, and if password hash matches (from db) it returns 200 (this is how you will know the login was succesful)

Make a `POST` request to the `/authorize` endpoint with the email attached and if the session token + csrf token match (include csrf token in header when making the request) you get 200

Make a `POST` request to `/logout` with the email attached. (You must have the `cookies` and the header with the `csrf token` for the request)

## 🧩 Adding another database

You can easily swap out db's with one another since the code is not coupled to a certain database, it actually makes use of interfaces using the strategy pattern to enable you to add whatever db you prefer.