Skip to content
/ node-ts-express-port-adapter Public

node typescript express application to pratice DDD and port adapters architecture

4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jrollin/node-ts-express-port-adapter

BranchesTags

Repository files navigation

Express with typescript

Status : draft

Build Status

Manage a project portfolio with ddd and port/adapter pattern

API Rest + Openid server

Stack

Node + Typescript + Express

Required

SSL certificate for Https

mkdir certificates
openssl req -nodes -new -x509 -keyout ./certificates/server.key -out ./certificates/server.cert

nb : auto signed certificate show security warnings in recent browser. Accept or buy an official certificate

Define your own env file

cp .env.template .env

Dependencies

packages global or local

  • typescript
  • ts-node

Packages :

Conventions

  • tslint
  • prettier

Validation

File Upload

Log

Testing

Image:

Auth :

Architecture design

  • DDD
  • Port/Adapter
  • command / query

Design details for DDD

TODO : mappers

  • From Domain to DTO
  • From Domain to Persistence : @TODO
  • From Persistence to Domain : @TODO

Keycloak

Launch keycloak server : http://locahost:8080

docker-compose up

admin credentials (defined in docker-compose.yml)

admin
Pa55w0rd

Config

  • realm : create realm with openid connect
  • client > settings : ensure standard flow and direct grant selected
  • roles > create role 'user'
  • client scope: create scope 'skills' (disable consent)
  • client > scopes : add 'skills' to default scope selected

Do not use Implicit Flow (deprecated) but Authorization Code Grant Flow with PKCE

Video about PKCE flow

JSON Web Keys(JWKs) returned by authorization server endpoint

http://localhost:8080/auth/realms/myrealm/protocol/openid-connect/certs

Example 1 : Direct Access Grants (if Enabled)

Possible to retrieve token with username/password

$export TOKEN=$(curl -H "Content-Type: application/x-www-form-urlencoded" \
  -d "client_id=express-portfolio" \
  -d "username=myuser" \
  -d "password=mypass" \
  -d "grant_type=password" \
  -X POST http://localhost:8080/auth/realms/myrealm/protocol/openid-connect/token | jq -r .access_token)
$echo $TOKEN

Example 2 : Authorization Code Grant Flow with PKCE

ref : https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce

  • create code verifier
  • create code challenge from verifier
  • Get the User's Authorization with code challenge
  • Exchange the Authorization Code for an Access Token
  • Call the API with Bearer :)
  • verify token (JWT, claims, perms)

Infos :

  • store verify code with state in cookie
  • use cookie-parser middleware to retrieve cookie

About

node typescript express application to pratice DDD and port adapters architecture

Resources

Readme
Activity

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages