BOB Docs
APIApplicationUser

Auth Service

It supports user login, token management, external authentication, and account recovery operations. The service integrates with repositories and external providers to ensure secure and efficient user authentication.

Thanks to ExternalAuthType system is ready to use external providers. Each provider can have its own implementation, like Firebase. User can also have more than one external provider.

Key Responsibilities

  1. User Authentication:
  • Handles login via email/password and external providers like Firebase.
  • Generates and validates JWT access and refresh tokens for secure user sessions.
  1. Account Management:
  • Supports email validation and password reset mechanisms.
  • Associates external authentication providers with users.
  1. External Provider Integration:
  • Validates and binds user accounts to external providers like Firebase.
  • Manages user data synchronization with external authentication systems.
  1. Token Management:
  • Creates, verifies, and refreshes JWT tokens for user sessions.
  • Manages reset password and email verification tokens.

Key Methods

  • Authentication:
    • login(email, password): Authenticates a user using email and password.
    • validate_external(external_type, token): Validates external authentication tokens.
    • authenticate_user(user_id): Generates access and refresh tokens for a user.
  • Token Management:
    • refresh_token(encoded_token): Refreshes access and refresh tokens.
    • verify_token(encoded_token): Verifies the validity of a JWT token.
  • Account Recovery:
    • generate_reset_password_link(email): Generates a link for password reset.
    • reset_password(token, password): Resets the password using a reset token.
  • Email Validation:
    • generate_validate_email_link(email): Generates a link for email verification.
    • validate_user(token): Marks a user as active using an email verification token.
  • External Authentication:
    • bind_external(external_auth, email): Links an external authentication record to a user.
    • handle_firebase_verification(token): Verifies a Firebase token and retrieves user info.

Purpose

This service provides a secure and centralized approach to user authentication and authorization, supporting both local and external providers. It ensures a seamless user experience while adhering to best practices for security and scalability.

Previous

User

Next

Invitation Service

On this page