Description
Eltex-doors is a service that provides user authentication by creating a token and verifying it.
Eltex-doors forms a JWT token based on a POST request and containing login, password and metadata.
JWT(JSON Web Token) - a JSON object defined in RFC 7519
Generated tokens are keeped in the auth_token
table of the eltex-doors
database. On expiry of the period specified in the configuration file (token.expire.timeout), outdated tokens are deleted from the database.
The parameters "token lifetime{iat}" and "token creation time{exp}" are specified in a token's payload and can be obtained by token decoding.
Available API methods: /api/signin/
An example of parameters sent in a POST request
{ "username": "user", "password": "password", "metadata": { "nasIp": "100.112.0.1", "sessionId": "5692549928996308667", "vrf": "1", "clientMac": "FC-45-96-5F-50-AC" } }
- In success, the service's response will be:
{ "status": "OK", "accessToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIiwiYXV0aCI6WyJST0xFX0FETUlOIl0sImlhdCI6MTU1OTcwOTQ2OCwiZXhwIjoxNTU5NzgxNDY4LCJuYXNJcCI6IjEwMC4xMTIuMC4xIiwic2Vzc2lvbklkIjoiNTY5MjU0OTkyODk5NjMwODY2NyIsInZyZiI6IjEiLCJjbGllbnRNYWMiOiJGQy00NS05Ni01Ri01MC1BQyJ9.VQ1NKCcG445eSMz7jOoTGt7PC1HVhTkFxxwWWxdVO3Y" }
where status
- response status
access token
- generated token
- If an error occurs, the service will answer:
{"status":"FAIL","error":"Invalid username or password"}
where status
- response status
error
- error description
Configuration
The configuration file is located at /etc/eltex-doors/application.properties
## Mysql datasource properties spring.datasource.url=jdbc:mysql://<<ip_address>>:3306/eltex_doors?useSSL=false&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC spring.datasource.username=eltexdoors Login spring.datasource.password=eltexpassword Password spring.flyway.url=jdbc:mysql://localhost:3306/eltex_doors?useSSL=false&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC spring.flyway.user=eltexdoors Login spring.flyway.password=eltexpassword Password ## Eureka settings and starting server port server.port=9097 The port listened by the service ## Custom application properties ## Token expiration timeout # Use time format HH:mm:ss auth.cron.session.timeout=*/60 * * * * * Token lifetime checking period auth.token.expire.timeout=20:00:00 Token lifetime # Login and password from basic account auth.username=user A login to connect to eltex-doors auth.password=password A password to connect to eltex-doors
The logging configuration file /etc/eltex-doors/log4j2.xml
The configuration file for service initialization /etc/default/eltex-doors
# AP Monitoring service # Initial size of Java heap JAVA_INIT_HEAP=8m Amount of RAM allocated during initialization # Maximum size of Java heap JAVA_MAX_HEAP=64m Amount of RAM allocated during operation # Additional arguments to pass to java JAVA_OPTS="-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/eltex-doors"