The Auth Service handles user authentication, authorization, and profile management for the Commune Drop platform. It serves as the central identity provider for all users, including customers and carriers.
- User registration and login
- JWT token generation and validation
- User profile management
- Role-based access control
- Password reset and account recovery
- Email verification
- Email Service: For sending verification and password reset emails
- SMS Service: For two-factor authentication (optional)
- Notification Service: For account-related notifications
- Runtime: Node.js
- Framework: Express.js
- Database: MongoDB
- JWT: For token-based authentication
- Bcrypt: For password hashing
- Redis: For token blacklisting and rate limiting
- Node.js v16+
- MongoDB
- Redis
- Clone the repository
git clone https://github.com/commune-drop/auth-service.git
cd auth-service
- Install dependencies
npm install
- Configure environment variables
cp .env.example .env
# Edit .env with your configuration
- Start the service
npm start
For development:
npm run dev
Key environment variables:
PORT=3000
MONGODB_URI=mongodb://localhost:27017/auth-service
JWT_SECRET=your_jwt_secret
JWT_EXPIRATION=1h
REFRESH_TOKEN_EXPIRATION=7d
EMAIL_SERVICE_URL=http://email-service:3007
NOTIFICATION_SERVICE_URL=http://notification-service:3005
- Password hashing with bcrypt
- JWT token expiration and refresh
- Rate limiting for login attempts
- Token blacklisting for logout
- HTTPS enforcement in production
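The token expiration and logout blacklisting listed above, sketched as an added example (not the Auth Service's own code). It assumes HS256 signing with `JWT_SECRET`, a `jti` claim in every token, and an in-memory `Map` standing in for Redis; all function names are hypothetical.

```javascript
// Added example: HS256 access tokens with a logout denylist keyed by jti.
const { createHmac, timingSafeEqual, randomUUID } = require('node:crypto');

const b64u = (v) => Buffer.from(v).toString('base64url');
const mac = (data, secret) => createHmac('sha256', secret).update(data).digest();

// Stand-in for Redis (assumption): jti -> expiry in epoch seconds.
// With Redis this would be a key written with an expiry of the remaining TTL.
const denylist = new Map();

function issueToken(sub, role, secret, ttlSec, now) {
  const header = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64u(JSON.stringify({ sub, role, jti: randomUUID(), iat: now, exp: now + ttlSec }));
  const signingInput = header + '.' + body;
  return signingInput + '.' + b64u(mac(signingInput, secret));
}

function verifyToken(token, secret, now) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed');
  const [header, body, sig] = parts;
  // Verify the signature before trusting any field, in constant time.
  const expected = mac(header + '.' + body, secret);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) throw new Error('bad signature');
  // Pin the algorithm instead of letting the token choose it.
  if (JSON.parse(Buffer.from(header, 'base64url')).alg !== 'HS256') throw new Error('bad alg');
  const claims = JSON.parse(Buffer.from(body, 'base64url'));
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  if ((denylist.get(claims.jti) || 0) > now) throw new Error('revoked');
  return claims;
}

function logout(token, secret, now) {
  const { jti, exp } = verifyToken(token, secret, now);
  denylist.set(jti, exp); // the entry only has to outlive the token itself
  return exp - now;       // remaining lifetime: the TTL to give the Redis key
}

// Returns 'ok' or the rejection reason, for logging and tests.
function check(token, secret, now) {
  try { verifyToken(token, secret, now); return 'ok'; } catch (e) { return e.message; }
}
```

Bounding each denylist entry by the token's remaining lifetime keeps the Redis set no larger than the number of logouts within one `JWT_EXPIRATION` window.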
- Customer: Regular users who place delivery orders
- Carrier: Delivery personnel who fulfill orders
- Admin: Platform administrators with elevated privileges
The service publishes these events:
- user.registered
- user.logged_in
- user.logged_out
- user.profile_updated
- user.password_changed
- user.account_verified
MIT