-
Notifications
You must be signed in to change notification settings - Fork 8
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #265 from nci-ats/feat/documentation
Feat/documentation
- Loading branch information
Showing
4 changed files
with
57 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| # Authentication Process | ||
| When a user enters a username and password in the `/auth` route, that information is verified against the `Users` table in the middle-layer database. This table contains the usernames and their encrypted password. Once the user is authenticated, the application sends back a token that can be used for any of the API routes. The token is valid for two hours. | ||
|
|
||
| ## How It Works | ||
| A separate route, `/auth`, was created to generate a token. This token-based authentication is handled using four `npm` modules: | ||
|
|
||
| - `Passport`, the authentication middleware | ||
| - `passport-local` | ||
| - `bcrypt-nodejs` | ||
| - `jsonwebtoken` | ||
|
|
||
| This API uses the `passport-local` strategy. This strategy authenticates users with a username and password and verifies that information against the database. When the user enters a username and password, the `bcrypt-nodejs` module verifies the submitted password against the hash in the database. Upon successful authentication, the application sends back a token using the `jsonwebtoken` module. The `jsonwebtoken` module uses a secret key, stored as an environment variable, to generate the token, which is set to be valid for 120 minutes. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| ## Data Store - AWS / S3 | ||
| To upload files for the temp-outfitters permit, create an S3 bucket in one of the AWS Regions. | ||
|
|
||
| When creating a new application, the application creates a directory with the control number name within the bucket. This directory contains the user-uploaded files. | ||
|
|
||
| These are the properties for AWS S3 data storage: | ||
|
|
||
| - `AWS_ACCESS_KEY_ID=<AWS access key ID>` | ||
| - `AWS_SECRET_ACCESS_KEY=<AWS secret key>` | ||
| - `AWS_REGION=<AWS region>` | ||
| - `AWS_BUCKET_NAME=<AWS S3 bucket name>` | ||
|
|
||
| If the Node.js server already has a `credentials` file under the `.aws` directory, the server will use those AWS credentials instead of the environment variables defined on the server. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| ## Environment Variables | ||
| These are the environment variables that must be created on the Node.js server for the application to run: | ||
|
|
||
| - `DATABASE_URL=postgres://<username>:<password>@<database hostname>:5432<database name>` | ||
| - `JWT_SECRET_KEY=<secret key to generate tokens>` | ||
| - `ADMINROLE_USER=<admin role account username>` | ||
| - `ADMINROLE_PWD=<admin role account password>` | ||
| - `ADMINROLE_HASH=<admin role account password’s hash generated by bcrypt>` | ||
| - `USERROLE_USER=<user role account username>` | ||
| - `USERROLE_PWD=<user role account password>` | ||
| - `USERROLE_HASH=<user role account password’s hash generated by bcrypt>` | ||
| - `AWS_ACCESS_KEY_ID=<AWS access key ID>` | ||
| - `AWS_SECRET_ACCESS_KEY=<AWS secret key>` | ||
| - `AWS_REGION=<AWS region>` | ||
| - `AWS_BUCKET_NAME=<AWS S3 bucket name>` | ||
| - `BASICURL=<SUDS Basic API URL>` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| # Sequelize | ||
|
|
||
| Sequelize is a promise-based Node.js ORM for Postgres, MySQL, SQLite and Microsoft SQL Server. It features solid transaction support, relations, read replication and more. | ||
|
|
||
| ## Migrations | ||
| Table creation uses the migration scripts located under `/dba/migrations`. | ||
|
|
||
| 1. Install `sequelize-cli` globally using the command `npm install -g sequelize-cli`. | ||
| 2. Make sure the database URL is available as the environment variable, set as `DATABASE_URL`. | ||
| 3. Run `sequelize db:migrate` to create the tables. | ||
|
|
||
| ## Seeders | ||
| Seeders, the data that will populate the database, are located under `/dba/seeders`. | ||
| To run the seeders, run `sequelize db:seed:all`. | ||
| ## Models | ||
| Models are a JavaScript factory class that represents a table in the database. Models are located under `/src/models`. |