Quick Start
- User registration
- Login and password authentication
- Check session
Run Gortas with docker-compose:
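`docker-compose.yaml`

```yaml
version: '3.7'
services:
  gortas:
    image: maximthomas/gortas:latest
    ports:
      - "8080:8080"
    depends_on:
      - mongo
    environment:
      # Quick-start credentials; they must match the mongo service below.
      SESSION_DATASTORE_PROPERTIES_URL: "mongodb://root:changeme@mongo:27017"
      AUTHENTICATION_REALMS_USERS_USERDATASTORE_PROPERTIES_URL: "mongodb://root:changeme@mongo:27017"
  mongo:
    image: mongo:latest
    restart: always
    ports:
      # Publishes MongoDB on the host; gortas reaches it over the compose network without this.
      - "27017:27017"
    environment:
      # Placeholder password for local testing; replace it for any other use.
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: changeme
```

```
docker-compose -f docker-compose.yaml up
```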
To start user registration, send a `GET` request to the Gortas registration URL `<host:port>/gortas/v1/auth/{flow}`.
For example, `http://localhost:8080/gortas/v1/auth/registration`:
```
curl -v -H "Accept: application/json" \
  "http://localhost:8080/gortas/v1/auth/registration"
* Trying 127.0.0.1:8080...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /gortas/v1/auth/users/registration HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.68.0
> Accept: application/json
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Set-Cookie: GortasAuthFlow=9ef2f40c-eebf-4026-8d37-3796276505f0; Path=/; HttpOnly
< Vary: Origin
< Date: Sat, 27 Nov 2021 10:09:38 GMT
< Content-Length: 275
<
* Connection #0 to host localhost left intact
{
  "module":"registration",
  "callbacks":[
    {
      "name":"email",
      "type":"text",
      "value":"",
      "prompt":"Email",
      "required":true
    },
    {
      "name":"text",
      "type":"text",
      "value":"",
      "prompt":"Name"
    },
    {
      "name":"password",
      "type":"password",
      "value":"",
      "prompt":"Password",
      "required":true
    }
  ],
  "flowId":"9ef2f40c-eebf-4026-8d37-3796276505f0"
}
```
Gortas returned the authentication `module`, the `callbacks` (the user credentials to fill in) and the `flowId` (the authentication process identifier).
For each callback, `type` defines the control type, so the frontend can display the control correctly; `prompt` is the user prompt; `required` says whether the callback is required, for client-side validation. Gortas also validates required callbacks itself.
Fill in the `value` property of each callback and send the data back with a `POST` request. `flowId` should also be set.
```
curl -v -H "Accept: application/json" \
  --data '{"module":"registration","callbacks":[{"name":"email", "value":"test@test.com"},{"name":"name", "value":"John Doe"},{"name":"password", "value":"p@ssw0rd"}],"flowId":"38697bba-2680-4df6-8eb1-68159dd9b6a0"}' \
  "http://localhost:8080/gortas/v1/auth/registration"
* Trying 127.0.0.1:8080...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> POST /gortas/v1/auth/registration HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.68.0
> Accept: application/json
> Content-Length: 205
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 205 out of 205 bytes
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Set-Cookie: GortasSession=eyJhbGciOiJSUzI1NiIsImprcyI6IjBmM2RhNzdlLTU1M2YtNDNkNi1iMjk2LWIyODEzYWJjNzE5NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzgwNTY4NTYsImlhdCI6MTYzODAwODY5NCwiaXNzIjoiaHR0cDovL2dvcnRhcyIsImp0aSI6IjBmM2RhNzdlLTU1M2YtNDNkNi1iMjk2LWIyODEzYWJjNzE5NiIsInByb3BzIjp7Im5hbWUiOiJKb2huIERvZSJ9LCJyZWFsbSI6InVzZXJzIiwic3ViIjoidGVzdEB0ZXN0LmNvbSJ9.GOlnkifjJzP4iit5NK4A0CI4N9iYCSgyracnN1l0OttJPSG2uZdr2uGqavA7VNncgzcIV5P4vmzaFrndsyc4MA; Path=/; HttpOnly
< Vary: Origin
< Date: Sat, 27 Nov 2021 10:24:54 GMT
< Content-Length: 420
<
* Connection #0 to host localhost left intact
{
  "type": "Bearer",
  "token":"1e0fdedb-e2d7-4419-9411-869c8982352e"
}
```
If registration is successful, Gortas returns an authentication token.
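The callback round trip described above can be driven from the challenge itself rather than from a hand-written body. This is an added example, not code from the Gortas project: `fill_callbacks` and `redacted` are hypothetical helper names, the challenge is a constructed sample modelled on the registration response shown earlier, and no request is sent.

```python
import json

# Constructed sample, modelled on the registration response shown above.
CHALLENGE = json.loads("""
{"module": "registration",
 "callbacks": [
   {"name": "email", "type": "text", "value": "", "prompt": "Email", "required": true},
   {"name": "text", "type": "text", "value": "", "prompt": "Name"},
   {"name": "password", "type": "password", "value": "", "prompt": "Password", "required": true}],
 "flowId": "9ef2f40c-eebf-4026-8d37-3796276505f0"}
""")


def fill_callbacks(challenge, answers):
    """Build the POST body for a callback challenge (hypothetical helper).

    Echoes module and flowId from the challenge, sends only name/value for
    each callback, and applies the client-side `required` check.
    """
    known = {cb["name"] for cb in challenge["callbacks"]}
    unknown = sorted(set(answers) - known)
    if unknown:
        # An answer keyed by a name the server did not ask for would never
        # be sent by the loop below, so fail early instead.
        raise ValueError(f"no such callback: {unknown}")
    filled = []
    for cb in challenge["callbacks"]:
        value = answers.get(cb["name"], "")
        if cb.get("required") and not value:
            raise ValueError(f"callback {cb['name']!r} is required")
        filled.append({"name": cb["name"], "value": value})
    return {"module": challenge["module"], "callbacks": filled,
            "flowId": challenge["flowId"]}


def redacted(challenge, body):
    """Copy of body that is safe to log: password-type values are masked."""
    secret = {cb["name"] for cb in challenge["callbacks"]
              if cb.get("type") == "password"}
    return {**body, "callbacks": [
        {**cb, "value": "***"} if cb["name"] in secret else cb
        for cb in body["callbacks"]]}


if __name__ == "__main__":
    body = fill_callbacks(CHALLENGE, {"email": "test@test.com",
                                      "text": "John Doe", "password": "p@ssw0rd"})
    print(json.dumps(redacted(CHALLENGE, body), indent=2))
```

Serialize the returned dictionary with `json.dumps` as the `--data` payload; log only the `redacted` copy.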
Send a `GET` request to the Gortas URL `http://localhost:8080/gortas/v1/auth/login`:
```
curl -v -H "Accept: application/json" "http://localhost:8080/gortas/v1/auth/login"
* Trying 127.0.0.1:8080...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /gortas/v1/auth/users/login HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.68.0
> Accept: application/json
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Set-Cookie: GortasAuthFlow=6a272730-09d3-4cef-b621-47b00404b37e; Path=/; HttpOnly
< Vary: Origin
< Date: Sat, 27 Nov 2021 10:26:20 GMT
< Content-Length: 208
<
* Connection #0 to host localhost left intact
{
  "module":"login",
  "callbacks":[
    {
      "name":"login",
      "type":"text",
      "value":"",
      "prompt":"Login"
    },
    {
      "name":"password",
      "type":"password",
      "value":"",
      "prompt":"Password"
    }
  ],
  "flowId":"6a272730-09d3-4cef-b621-47b00404b37e"
}
```
Set the callback values and send the data back to the Gortas service:
```
curl -v -H "Accept: application/json" \
  --data '{"module":"login","callbacks":[{"name":"login", "value":"test@test.com"},{"name":"password", "value":"p@ssw0rd"}],"flowId":"6a272730-09d3-4cef-b621-47b00404b37e"}' \
  "http://localhost:8080/gortas/v1/auth/login"
* Trying 127.0.0.1:8080...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> POST /gortas/v1/auth/users/login HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.68.0
> Accept: application/json
> Content-Length: 169
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 169 out of 169 bytes
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Set-Cookie: GortasSession=eyJhbGciOiJSUzI1NiIsImprcyI6IjBmM2RhNzdlLTU1M2YtNDNkNi1iMjk2LWIyODEzYWJjNzE5NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzgwMTQzMzEsImlhdCI6MTYzODAwODg2NSwiaXNzIjoiaHR0cDovL2dvcnRhcyIsImp0aSI6IjBmM2RhNzdlLTU1M2YtNDNkNi1iMjk2LWIyODEzYWJjNzE5NiIsInByb3BzIjp7Im5hbWUiOiJKb2huIERvZSJ9LCJyZWFsbSI6InVzZXJzIiwic3ViIjoidGVzdEB0ZXN0LmNvbSJ9.RhH2SWhMxcGRkgmgx5wVtdeBhWyHq-QUn13JsrTfLEoVBYyVrPukUsEuvf7XPkASRIoTYtRToQmxS-KDl_M2rA; Path=/; HttpOnly
< Vary: Origin
< Date: Sat, 27 Nov 2021 10:27:45 GMT
< Content-Length: 420
<
* Connection #0 to host localhost left intact
{
  "type": "Bearer",
  "token":"55d4c326-6fa9-4023-b7a1-4a038901585b"
}
```
To validate and get session data, send a `GET` request to the [http://localhost:8080/gortas/v1/session](http://localhost:8080/gortas/v1/session) endpoint. Pass the authentication token in the `Authorization` header:
```
curl -v -H "Authorization: Bearer 1e0fdedb-e2d7-4419-9411-869c8982352e" "http://localhost:8080/gortas/v1/session"
* Trying 127.0.0.1:8080...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /gortas/v1/session/ HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: Bearer 1e0fdedb-e2d7-4419-9411-869c8982352e
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Vary: Origin
< Date: Tue, 30 Nov 2021 06:04:34 GMT
< Content-Length: 178
<
* Connection #0 to host localhost left intact
{
  "created": "2021-11-30T05:52:19.443Z",
  "id": "1e0fdedb-e2d7-4419-9411-869c8982352e",
  "properties": {
    "name": "John Doe",
    "realm": "users",
    "sub": "test@test.com",
    "userId": "test@test.com"
  }
}
```