legacy-auth.md 2 KiB
    Alessandro Cerioni committed
    
    # Legacy Authentication Middleware
    
    ## Features
    
    
    This middleware provides an interface toward the `Legacy auth service` for our services, the web application and the admin GUI. As the legacy auth service is a bit old-fashioned, it sometimes requires the user's login and password, or even an admin login and password, to be passed along with the request. As a consequence, the middleware also performs:
    
    - encryption of the user's password on the login request, which is then sent along with the user info to the authentication service
    - decryption of the user's password from the JWT (payload) received as a cookie in the incoming request, which is then passed along with the original request to the upstream server
    - addition of an admin login and password to some requests that require admin access
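
The encrypt-then-embed flow in the list above, as an added example that is not the project's own code. It assumes AES-256-GCM for the password, an HS256-signed JWT and a claim named `pwd`, none of which the page specifies; all function names, keys and sample values are hypothetical.

```javascript
// Added example: AES-256-GCM, HS256 and the claim name "pwd" are assumptions;
// the page does not say which algorithms or claim the middleware uses.
const nodeCrypto = require("node:crypto");
const b64u = (buf) => Buffer.from(buf).toString("base64url");

// A JWT payload is only base64url-encoded, so the password is encrypted
// before it becomes a claim. Output layout: iv (12) | tag (16) | ciphertext.
function sealPassword(password, encKey) {
  const iv = nodeCrypto.randomBytes(12); // fresh nonce for every encryption
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", encKey, iv);
  const ct = Buffer.concat([cipher.update(password, "utf8"), cipher.final()]);
  return b64u(Buffer.concat([iv, cipher.getAuthTag(), ct]));
}

function openPassword(sealed, encKey) {
  const raw = Buffer.from(sealed, "base64url");
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", encKey, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  // final() throws if the ciphertext or the tag was modified
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString("utf8");
}

function signJwt(payload, signKey) {
  const head = b64u(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64u(JSON.stringify(payload));
  const mac = nodeCrypto.createHmac("sha256", signKey).update(`${head}.${body}`).digest();
  return `${head}.${body}.${b64u(mac)}`;
}

// Check the signature before trusting (or decrypting) anything in the payload.
function verifyJwt(token, signKey) {
  const [head, body, sig] = token.split(".");
  const expected = nodeCrypto.createHmac("sha256", signKey).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig || "", "base64url");
  if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) {
    throw new Error("bad JWT signature");
  }
  return JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
}

// Login side builds the cookie value; request side recovers the password to
// forward upstream. Keys and credentials here are constructed samples.
const encKey = nodeCrypto.randomBytes(32);
const signKey = nodeCrypto.randomBytes(32);
const cookie = signJwt({ sub: "alice", pwd: sealPassword("s3cret-sample", encKey) }, signKey);
const recovered = openPassword(verifyJwt(cookie, signKey).pwd, encKey);
```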
    
    
    ## Dependencies
    
    
    This middleware depends on the Legacy auth service (Django) and on the [Email service](../services/mailer.md).
    
    
    ## Endpoints
    
    
    This middleware provides the following endpoints:
    
    1. `/legacy/user` (GET, POST and DELETE)
    2. `/legacy/user/validateAccount`
    3. `/legacy/user/login`
    4. `/legacy/user/updatePassword`
    5. `/legacy/user/update`
    6. `/legacy/user/resetPassword`
    7. `/legacy/user/resources`
    8. `/legacy/user/resources/add`
    9. `/legacy/user/resources/renew`
    10. `/legacy/user/resources/delete`
    11. `/legacy/isPasswordResetTokenValid`
    12. `/legacy/passwordForgotten`
    13. `/legacy/services`
    14. `/legacy/restrictedAccessDatasets`
    15. `/legacy/publicKey`
    16. `/health`, returning a `200` HTTP code if the API is healthy, `503` otherwise. For the service to be healthy, the underlying Redis service and the email service must both be up. Note that, for technical reasons, the health check on the legacy auth service has been disabled.
    
    
    ## Implementation
    
    The service is implemented using the [NestJS](https://nestjs.com/) framework. We refer the reader to the [NestJS-based micro-services](../../miscellaneous/nestjs-micro-services.md) page for further details concerning the latter framework and the features it provides.