AeThex Authentication Service

Cloud authentication service for AeThex Engine.

Features

  • Email/Password authentication
  • JWT token-based sessions
  • Refresh token rotation
  • OAuth (Google, GitHub)
  • Password reset flow
  • Rate limiting
  • Security headers (Helmet)
  • Input validation

Quick Start

Prerequisites

  • Node.js 18+
  • Docker & Docker Compose
  • PostgreSQL 16 (or use Docker)

Setup

cd services/auth-service

# Install dependencies
npm install

# Copy environment variables
cp .env.example .env

# Edit .env with your configuration
nano .env

# Start database
docker-compose up -d postgres

# Run migrations
npm run migrate

# Start development server
npm run dev

The service will be available at http://localhost:3000

Using Docker Compose:

# Start all services
docker-compose up -d

# View logs
docker-compose logs -f

# Stop services
docker-compose down

API Endpoints

Authentication

Register User

POST /api/v1/auth/register
Content-Type: application/json

{
  "email": "user@example.com",
  "username": "johndoe",
  "password": "SecurePass123"
}

Response:

{
  "user": {
    "id": "uuid",
    "email": "user@example.com",
    "username": "johndoe"
  },
  "accessToken": "jwt_token",
  "refreshToken": "refresh_token"
}

Login

POST /api/v1/auth/login
Content-Type: application/json

{
  "email": "user@example.com",
  "password": "SecurePass123"
}

Get Current User

GET /api/v1/auth/me
Authorization: Bearer {access_token}

Refresh Token

POST /api/v1/auth/refresh
Content-Type: application/json

{
  "refreshToken": "your_refresh_token"
}

Logout

POST /api/v1/auth/logout
Authorization: Bearer {access_token}

OAuth

Google OAuth

GET /api/v1/auth/google

Redirects to Google OAuth consent screen.

GitHub OAuth

GET /api/v1/auth/github

Redirects to GitHub OAuth consent screen.

Password Reset

Request Password Reset

POST /api/v1/auth/forgot-password
Content-Type: application/json

{
  "email": "user@example.com"
}

Reset Password

POST /api/v1/auth/reset-password
Content-Type: application/json

{
  "token": "reset_token_from_email",
  "password": "NewSecurePass123"
}

Engine Integration

GDScript Example

extends Node

func _ready():
    # Initialize cloud service
    AeThexCloud.auth.set_api_url("http://localhost:3000")
    
    # Register new user
    var result = await AeThexCloud.auth.register_async(
        "user@example.com",
        "username",
        "SecurePass123"
    )
    
    if result.success:
        print("Registered! Token: ", result.access_token)
    else:
        print("Error: ", result.error)
    
    # Login
    result = await AeThexCloud.auth.login_async(
        "user@example.com",
        "SecurePass123"
    )
    
    if result.success:
        print("Logged in as: ", result.user.username)
        # Token is automatically stored
    
    # Check if logged in
    if AeThexCloud.auth.is_logged_in():
        var user = AeThexCloud.auth.get_current_user()
        print("Welcome back, ", user.username)

Development

Project Structure

src/
├── index.ts              # Application entry point
├── routes/
│   ├── auth.ts          # Auth endpoints
│   └── user.ts          # User management
├── controllers/
│   ├── authController.ts
│   └── userController.ts
├── middleware/
│   ├── authenticateToken.ts
│   ├── validateRequest.ts
│   └── errorHandler.ts
├── models/
│   └── User.ts          # User model (Prisma)
├── services/
│   ├── tokenService.ts  # JWT handling
│   └── emailService.ts  # Email sending
└── utils/
    ├── logger.ts
    └── validators.ts

Running Tests

npm test

Database Migrations

# Create new migration
npx prisma migrate dev --name add_user_table

# Apply migrations
npm run migrate

# Reset database
npx prisma migrate reset

Security Considerations

  1. JWT Secrets: Change JWT_SECRET and REFRESH_TOKEN_SECRET in production
  2. Database Password: Use a strong password for PostgreSQL
  3. HTTPS: Always use HTTPS in production
  4. Rate Limiting: Configured for 100 requests per 15 minutes
  5. OAuth Secrets: Keep OAuth client secrets secure
  6. Password Policy: Enforces 8+ chars with uppercase, lowercase, and numbers

Environment Variables

Variable               Description                    Default
PORT                   Server port                    3000
DATABASE_URL           PostgreSQL connection string   -
JWT_SECRET             Secret for access tokens       -
JWT_EXPIRES_IN         Token expiration               7d
REFRESH_TOKEN_SECRET   Secret for refresh tokens      -
GOOGLE_CLIENT_ID       Google OAuth client ID         -
GOOGLE_CLIENT_SECRET   Google OAuth secret            -
GITHUB_CLIENT_ID       GitHub OAuth client ID         -
GITHUB_CLIENT_SECRET   GitHub OAuth secret            -
FRONTEND_URL           Frontend URL for CORS          http://localhost:9002
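
A startup check that turns the Security Considerations list and the variables above into something the service can refuse to boot on. This is an added example, not code from the AeThex repository; the function name `auditAuthEnv`, the 32-character minimum and the placeholder list are assumptions.

```typescript
type Env = Record<string, string | undefined>;

// Assumed values, not taken from the project: minimum secret length and
// the strings treated as placeholders or defaults.
const MIN_SECRET_LEN = 32;
const PLACEHOLDER = /^(your-secret|changeme|secret|password|postgres)$/i;
const HTTPS_ORIGIN = /^https:\/\//;

function auditAuthEnv(env: Env, production: boolean): string[] {
  const findings: string[] = [];

  // Item 1: both signing secrets must be set, non-placeholder and long enough.
  for (const name of ["JWT_SECRET", "REFRESH_TOKEN_SECRET"]) {
    const value = env[name] ?? "";
    if (value === "") findings.push(`${name} is not set`);
    else if (PLACEHOLDER.test(value)) findings.push(`${name} is a placeholder value`);
    else if (value.length < MIN_SECRET_LEN) findings.push(`${name} is shorter than ${MIN_SECRET_LEN} characters`);
  }
  // Separate keys keep access tokens and refresh tokens from being interchangeable.
  const jwtSecret = env["JWT_SECRET"] ?? "";
  if (jwtSecret !== "" && jwtSecret === env["REFRESH_TOKEN_SECRET"]) {
    findings.push("JWT_SECRET and REFRESH_TOKEN_SECRET are identical");
  }

  // Item 2: the PostgreSQL URL must carry a password that is not a known default.
  const db = env["DATABASE_URL"] ?? "";
  const dbPassword = /^postgres(?:ql)?:\/\/[^:@\/]+:([^@]*)@/.exec(db)?.[1] ?? "";
  if (db === "") findings.push("DATABASE_URL is not set");
  else if (dbPassword === "" || PLACEHOLDER.test(dbPassword)) {
    findings.push("DATABASE_URL has an empty or default password");
  }

  // An OAuth provider is either fully configured or not configured at all.
  for (const provider of ["GOOGLE", "GITHUB"]) {
    const id = env[`${provider}_CLIENT_ID`] ?? "";
    const secret = env[`${provider}_CLIENT_SECRET`] ?? "";
    if ((id === "") !== (secret === "")) findings.push(`${provider} OAuth is half-configured`);
  }

  // Item 3: in production the CORS origin must be set explicitly and use HTTPS,
  // so the http://localhost:9002 default is never what ships.
  if (production && !HTTPS_ORIGIN.test(env["FRONTEND_URL"] ?? "")) {
    findings.push("FRONTEND_URL must be an https:// origin in production");
  }
  return findings;
}

// Constructed sample: only the placeholder secret from the docker run example.
const sampleFindings = auditAuthEnv({ JWT_SECRET: "your-secret" }, true);
```

Call it with `process.env` before the HTTP listener starts and exit non-zero when the returned list is not empty.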

Production Deployment

Docker

# Build image
docker build -t aethex-auth-service .

# Run container
docker run -d \
  -p 3000:3000 \
  -e DATABASE_URL=postgresql://... \
  -e JWT_SECRET=your-secret \
  aethex-auth-service

Kubernetes

kubectl apply -f k8s/deployment.yml
kubectl apply -f k8s/service.yml

Monitoring

Health check endpoint:

GET /health

Response:

{
  "status": "healthy",
  "service": "aethex-auth-service",
  "timestamp": "2026-02-24T10:30:00.000Z"
}

License

MIT License - See LICENSE file for details

Support