@sourceloop/user-tenant-service
v3.0.1
Published
Sourceloop User Tenant Service
Downloads
1,663
Readme
@sourceloop/user-tenant-service
Overview
This microservice efficiently supports tenant-specific operations, empowering you to leverage the benefits of multitenancy.
- Multi-tenant support
- Tenant management with dedicated functionality
- Seamless team management within each tenant
- User management at both the team and tenant levels
- Role management specific to each tenant
- Efficient user permission management across the entire system.
Installation
Install UserTenantServiceComponent using npm
;
$ [npm install | yarn add] user-tenant-service
Usage
Create a new Loopback4 Application (If you don't have one already)
lb4 testapp
Install the authentication service
npm i @sourceloop/user-tenant-service
Set the environment variables.
Run the migrations.
Add the
UserTenantServiceComponent
to your Loopback4 Application (inapplication.ts
).// import the UserTenantServiceComponent import {UserTenantServiceComponent} from '@sourceloop/user-tenant-service'; // add Component for UserTenantService this.component(UserTenantServiceComponent);
Set up a Loopback4 Datasource with
dataSourceName
property set toAuthDb
. You can see an example datasource here.Bind any of the custom providers you need.
Using with Sequelize
This service supports Sequelize as the underlying ORM using @loopback/sequelize extension. And in order to use it, you'll need to do following changes.
To use Sequelize in your application, add following to application.ts:
this.bind(UserTenantServiceComponentBindings.Config).to({ useCustomSequence: false, useSequelize: true, });
Use the
SequelizeDataSource
in your datasource as the parent class. Refer this for more.
Start the application
npm start
Asymmetric Token Signing and Verification
If you are using asymmetric token signing and verification, you need to create a datasource for auth database. Example datasource file for auth:-
import {inject, lifeCycleObserver, LifeCycleObserver} from '@loopback/core';
import {juggler} from '@loopback/repository';
import {AuthDbSourceName} from '@sourceloop/core';
const DEFAULT_MAX_CONNECTIONS = 25;
const DEFAULT_DB_IDLE_TIMEOUT_MILLIS = 60000;
const DEFAULT_DB_CONNECTION_TIMEOUT_MILLIS = 2000;
const config = {
name: 'auth',
connector: 'postgresql',
host: process.env.DB_HOST,
port: process.env.DB_PORT,
user: process.env.DB_USER,
schema: process.env.DB_SCHEMA,
password: process.env.DB_PASSWORD,
database: process.env.AUTH_DB,
};
// Observe application's life cycle to disconnect the datasource when
// application is stopped. This allows the application to be shut down
// gracefully. The `stop()` method is inherited from `juggler.DataSource`.
// Learn more at https://loopback.io/doc/en/lb4/Life-cycle.html
@lifeCycleObserver('datasource')
export class AuthDataSource
extends juggler.DataSource
implements LifeCycleObserver
{
static dataSourceName = AuthDbSourceName;
static readonly defaultConfig = config;
constructor(
@inject('datasources.config.auth', {optional: true})
dsConfig: object = config,
) {
if (!!+(process.env.ENABLE_DB_CONNECTION_POOLING ?? 0)) {
const dbPool = {
max: +(process.env.DB_MAX_CONNECTIONS ?? DEFAULT_MAX_CONNECTIONS),
idleTimeoutMillis: +(
process.env.DB_IDLE_TIMEOUT_MILLIS ?? DEFAULT_DB_IDLE_TIMEOUT_MILLIS
),
connectionTimeoutMillis: +(
process.env.DB_CONNECTION_TIMEOUT_MILLIS ??
DEFAULT_DB_CONNECTION_TIMEOUT_MILLIS
),
};
dsConfig = {...dsConfig, ...dbPool};
}
super(dsConfig);
}
}
Environment Variables
Setting up a DataSource
Here is a sample Implementation DataSource
implementation using environment variables and PostgreSQL as the data source.
import {inject, lifeCycleObserver, LifeCycleObserver} from '@loopback/core';
import {juggler} from '@loopback/repository';
const config = {
name: AuthDbSourceName,
connector: 'postgresql',
url: '',
host: process.env.DB_HOST,
port: process.env.DB_PORT,
user: process.env.DB_USER,
password: process.env.DB_PASSWORD,
database: process.env.DB_DATABASE,
schema: process.env.DB_SCHEMA,
};
@lifeCycleObserver('datasource')
export class AuthenticationDbDataSource
extends juggler.DataSource
implements LifeCycleObserver
{
static dataSourceName = 'AuthDb';
static readonly defaultConfig = config;
constructor(
// You need to set datasource configuration name as 'datasources.config.Authentication' otherwise you might get Errors
@inject('datasources.config.authentication', {optional: true})
dsConfig: object = config,
) {
super(dsConfig);
}
}
Migrations
The migrations required for this service are processed during the installation automatically if you set the AUTH_MIGRATION
or SOURCELOOP_MIGRATION
env variable. The migrations use db-migrate
with db-migrate-pg
driver for migrations, so you will have to install these packages to use auto-migration. Please note that if you are using some pre-existing migrations or databases, they may be affected. In such a scenario, it is advised that you copy the migration files in your project root, using the AUTH_MIGRATION_COPY
or SOURCELOOP_MIGRATION_COPY
env variables. You can customize or cherry-pick the migrations in the copied files according to your specific requirements and then apply them to the DB.
This migration script supports both MySQL and PostgreSQL databases, controlled by environment variables. By setting MYSQL_MIGRATION to 'true', the script runs migrations using MySQL configuration files; otherwise, it defaults to PostgreSQL. .
Additionally, there is now an option to choose between SQL migration or PostgreSQL migration.
NOTE : For @sourceloop/cli
users, this choice can be specified during the scaffolding process by selecting the "type of datasource" option.
Database Schema
Providers
You can find documentation for some of the providers available in this service here
Common Headers
Authorization: Bearer where is a JWT token signed using JWT issuer and secret.
Content-Type: application/json
in the response and in request if the API method is NOT GET
Common Request path Parameters
{version}
: Defines the API Version
Common Responses
200: Successful Response. Response body varies w.r.t API 401: Unauthorized: The JWT token is missing or invalid 403: Forbidden : Not allowed to execute the concerned API 404: Entity Not Found 400: Bad Request (Error message varies w.r.t API) 201: No content: Empty Response
API Details
Visit the OpenAPI spec docs