Mainflux.mainflux/users/README.md

# Users service

Users service provides an HTTP API for managing users. Through this API clients
are able to do the following actions:

- register new accounts
- obtain access tokens
- verify access tokens

For in-depth explanation of the aforementioned scenarios, as well as thorough
understanding of Mainflux, please check out the [official documentation][doc].

## Configuration

The service is configured using the environment variables presented in the
following table. Note that any unset variables will be replaced with their
default values.

| Variable                  | Description                                                             | Default        |
|---------------------------|-------------------------------------------------------------------------|----------------|
| MF_USERS_LOG_LEVEL        | Log level for Users (debug, info, warn, error)                          | error          |
| MF_USERS_DB_HOST          | Database host address                                                   | localhost      |
| MF_USERS_DB_PORT          | Database host port                                                      | 5432           |
| MF_USERS_DB_USER          | Database user                                                           | mainflux       |
| MF_USERS_DB_PASSWORD      | Database password                                                       | mainflux       |
| MF_USERS_DB               | Name of the database used by the service                                | users          |
| MF_USERS_DB_SSL_MODE      | Database connection SSL mode (disable, require, verify-ca, verify-full) | disable        |
| MF_USERS_DB_SSL_CERT      | Path to the PEM encoded certificate file                                |                |
| MF_USERS_DB_SSL_KEY       | Path to the PEM encoded key file                                        |                |
| MF_USERS_DB_SSL_ROOT_CERT | Path to the PEM encoded root certificate file                           |                |
| MF_USERS_HTTP_PORT        | Users service HTTP port                                                 | 8180           |
| MF_USERS_GRPC_PORT        | Users service gRPC port                                                 | 8181           |
| MF_USERS_SERVER_CERT      | Path to server certificate in pem format                                |                |
| MF_USERS_SERVER_KEY       | Path to server key in pem format                                        |                |
| MF_USERS_SECRET           | String used for signing tokens                                          | users          |
| MF_JAEGER_URL             | Jaeger server URL                                                       | localhost:6831 |

## Deployment

The service itself is distributed as Docker container. The following snippet
provides a compose file template that can be used to deploy the service container
locally:

```yaml
version: "2"
services:
  users:
    image: mainflux/users:[version]
    container_name: [instance name]
    ports:
      - [host machine port]:[configured HTTP port]
    environment:
      MF_USERS_LOG_LEVEL: [Users log level]
      MF_USERS_DB_HOST: [Database host address]
      MF_USERS_DB_PORT: [Database host port]
      MF_USERS_DB_USER: [Database user]
      MF_USERS_DB_PASS: [Database password]
      MF_USERS_DB: [Name of the database used by the service]
      MF_USERS_DB_SSL_MODE: [SSL mode to connect to the database with]
      MF_USERS_DB_SSL_CERT: [Path to the PEM encoded certificate file]
      MF_USERS_DB_SSL_KEY: [Path to the PEM encoded key file]
      MF_USERS_DB_SSL_ROOT_CERT: [Path to the PEM encoded root certificate file]
      MF_USERS_HTTP_PORT: [Service HTTP port]
      MF_USERS_GRPC_PORT: [Service gRPC port]
      MF_USERS_SECRET: [String used for signing tokens]
      MF_USERS_SERVER_CERT: [String path to server certificate in pem format]
      MF_USERS_SERVER_KEY: [String path to server key in pem format]
      MF_JAEGER_URL: [Jaeger server URL]
```

To start the service outside of the container, execute the following shell script:

```bash
# download the latest version of the service
go get github.com/mainflux/mainflux

cd $GOPATH/src/github.com/mainflux/mainflux

# compile the service
make users

# copy binary to bin
make install

# set the environment variables and run the service
MF_USERS_LOG_LEVEL=[Users log level] MF_USERS_DB_HOST=[Database host address] MF_USERS_DB_PORT=[Database host port] MF_USERS_DB_USER=[Database user] MF_USERS_DB_PASS=[Database password] MF_USERS_DB=[Name of the database used by the service] MF_USERS_DB_SSL_MODE=[SSL mode to connect to the database with] MF_USERS_DB_SSL_CERT=[Path to the PEM encoded certificate file] MF_USERS_DB_SSL_KEY=[Path to the PEM encoded key file] MF_USERS_DB_SSL_ROOT_CERT=[Path to the PEM encoded root certificate file] MF_USERS_HTTP_PORT=[Service HTTP port] MF_USERS_GRPC_PORT=[Service gRPC port] MF_USERS_SECRET=[String used for signing tokens] MF_USERS_SERVER_CERT=[Path to server certificate] MF_USERS_SERVER_KEY=[Path to server key] MF_JAEGER_URL=[Jaeger server URL] $GOBIN/mainflux-users
```

## Usage

For more information about service capabilities and its usage, please check out
the [API documentation](swagger.yaml).

[doc]: http://mainflux.readthedocs.io
MF-164 - Split manager service (#266) 2018-05-10 23:53:25 +02:00			`# Users service`

MF-488 - Remove Thing type (app or device) (#718) * MF-488 - Remove Thing type (app or device) Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Typo fix Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> 2019-04-20 14:09:11 +02:00			`Users service provides an HTTP API for managing users. Through this API clients`
MF-164 - Split manager service (#266) 2018-05-10 23:53:25 +02:00			`are able to do the following actions:`

			`- register new accounts`
			`- obtain access tokens`
			`- verify access tokens`

			`For in-depth explanation of the aforementioned scenarios, as well as thorough`
			`understanding of Mainflux, please check out the [official documentation][doc].`

			`## Configuration`

			`The service is configured using the environment variables presented in the`
			`following table. Note that any unset variables will be replaced with their`
			`default values.`

MF-399 - Add open tracing support (#782) * Add open tracing dependencies Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to users service Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the things service Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the http adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the ws adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the CoAP adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update LoRa adapter in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update SDK tests in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update bootstrap service in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update reader services with accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update .env and docker-compose file Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add jaeger and timeout env vars Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Fix broken test for can access by id endpoint Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update deps with proto empty package Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> 2019-07-18 15:01:09 +02:00			`\| Variable \| Description \| Default \|`
			`\|---------------------------\|-------------------------------------------------------------------------\|----------------\|`
			`\| MF_USERS_LOG_LEVEL \| Log level for Users (debug, info, warn, error) \| error \|`
			`\| MF_USERS_DB_HOST \| Database host address \| localhost \|`
			`\| MF_USERS_DB_PORT \| Database host port \| 5432 \|`
			`\| MF_USERS_DB_USER \| Database user \| mainflux \|`
			`\| MF_USERS_DB_PASSWORD \| Database password \| mainflux \|`
			`\| MF_USERS_DB \| Name of the database used by the service \| users \|`
			`\| MF_USERS_DB_SSL_MODE \| Database connection SSL mode (disable, require, verify-ca, verify-full) \| disable \|`
			`\| MF_USERS_DB_SSL_CERT \| Path to the PEM encoded certificate file \| \|`
			`\| MF_USERS_DB_SSL_KEY \| Path to the PEM encoded key file \| \|`
			`\| MF_USERS_DB_SSL_ROOT_CERT \| Path to the PEM encoded root certificate file \| \|`
			`\| MF_USERS_HTTP_PORT \| Users service HTTP port \| 8180 \|`
			`\| MF_USERS_GRPC_PORT \| Users service gRPC port \| 8181 \|`
			`\| MF_USERS_SERVER_CERT \| Path to server certificate in pem format \| \|`
			`\| MF_USERS_SERVER_KEY \| Path to server key in pem format \| \|`
			`\| MF_USERS_SECRET \| String used for signing tokens \| users \|`
			`\| MF_JAEGER_URL \| Jaeger server URL \| localhost:6831 \|`
MF-164 - Split manager service (#266) 2018-05-10 23:53:25 +02:00
			`## Deployment`

			`The service itself is distributed as Docker container. The following snippet`
			`provides a compose file template that can be used to deploy the service container`
			`locally:`

			```yaml
			`version: "2"`
			`services:`
			`users:`
			`image: mainflux/users:[version]`
			`container_name: [instance name]`
			`ports:`
			`- [host machine port]:[configured HTTP port]`
			`environment:`
MF-379 - Log Level Option (#402) * Adding an option to select log level Signed-off-by: Michael Finley <Michael.Finley@target.com> * making error default log level Signed-off-by: Michael Finley <Michael.Finley@target.com> * removing go-kit/levels and expanding levels wrapper Signed-off-by: Michael Finley <Michael.Finley@target.com> * refactoring test cases and using log.fatal Signed-off-by: Michael Finley <Michael.Finley@target.com> * logger.new no longer accpets enum and now accepts string for level Signed-off-by: Michael Finley <Michael.Finley@target.com> * level_test.go refactor to compare error Signed-off-by: Michael Finley <Michael.Finley@target.com> * Updating the ws README Signed-off-by: Michael Finley <Michael.Finley@target.com> * Adding log level for mqtt Adapter Signed-off-by: Michael Finley <Michael.Finley@target.com> 2018-09-26 11:58:51 -05:00			`MF_USERS_LOG_LEVEL: [Users log level]`
MF-164 - Split manager service (#266) 2018-05-10 23:53:25 +02:00			`MF_USERS_DB_HOST: [Database host address]`
			`MF_USERS_DB_PORT: [Database host port]`
			`MF_USERS_DB_USER: [Database user]`
			`MF_USERS_DB_PASS: [Database password]`
			`MF_USERS_DB: [Name of the database used by the service]`
MF-448 - Option for Postgres SSL Mode (#449) * MF-448 - Option for Postgres SSL Mode Adds an option to choose the ssl mode when connecting to postgres. Only supporting disable or require for now with verify-ca and verify-full to come after more discussion. Signed-off-by: Michael Finley <Michael.Finley@target.com> * Changing package name back Accidentally changed the package name so reverting that! Signed-off-by: Michael Finley <Michael.Finley@target.com> * Adding section in getting-started for securing pgsql connections Signed-off-by: Michael Finley <Michael.Finley@target.com> 2018-11-07 14:54:51 -06:00			`MF_USERS_DB_SSL_MODE: [SSL mode to connect to the database with]`
MF-448 - Add option to connect to DB with verify-ca and verify-full (#500) * MF-448 - Add option to connect to DB with verify-ca and verify-full Adds the option to connect with verify-ca and verify-full Users can now specify any extra certs and keys they may need. Signed-off-by: MichaelFinley <Michael.Finley@target.com> * Passing db config struct rather than seperate parameters Also updated the tests to use the config Signed-off-by: MichaelFinley <Michael.Finley@target.com> * Unexporting fields apart of users config Also added comments to the newly exported Config in things & users postgres/init.go Signed-off-by: MichaelFinley <Michael.Finley@target.com> 2018-12-15 17:28:22 -06:00			`MF_USERS_DB_SSL_CERT: [Path to the PEM encoded certificate file]`
			`MF_USERS_DB_SSL_KEY: [Path to the PEM encoded key file]`
			`MF_USERS_DB_SSL_ROOT_CERT: [Path to the PEM encoded root certificate file]`
MF-164 - Split manager service (#266) 2018-05-10 23:53:25 +02:00			`MF_USERS_HTTP_PORT: [Service HTTP port]`
			`MF_USERS_GRPC_PORT: [Service gRPC port]`
			`MF_USERS_SECRET: [String used for signing tokens]`
MF-426 - Add optional MF_CA_CERTS env variable to allow GRPC client to use TLS certs (#430) * MF-426-Add optional MF_CA_CERTS env variable to allow GRPC client to use TLS certs Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * enable things client to be configured with a ca cert path Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * MF_CA_CERTS docs for http adapter and things service, additional logging and improved error handling when setting up TLS gRPC client Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * refactor things connect to separate function Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * getting-started updates, corrected things env variable Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * clarifying ca certs default functionality Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * configuring tls termination at service endpoint Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * enable TLS configuration for users and things Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * nginx forwarding Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * go imports Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * bad logging change Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * naming specifically to the http adapter component Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * updated tls keys, slightly different grpc configuration set localhost, users and things as subject alternative names Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * log message consistency Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * readme updates related to server ssl configuration Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * Trying to resolve confilcts Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * removing conflicting lines from docker-compose Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * adding back http-adapter configuration Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * slight readme update Signed-off-by: nwest1 <nwest1@users.noreply.github.com> * readme tweaks Signed-off-by: nwest1 <nwest1@users.noreply.github.com> 2018-11-06 14:09:17 -06:00			`MF_USERS_SERVER_CERT: [String path to server certificate in pem format]`
			`MF_USERS_SERVER_KEY: [String path to server key in pem format]`
MF-399 - Add open tracing support (#782) * Add open tracing dependencies Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to users service Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the things service Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the http adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the ws adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the CoAP adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update LoRa adapter in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update SDK tests in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update bootstrap service in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update reader services with accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update .env and docker-compose file Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add jaeger and timeout env vars Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Fix broken test for can access by id endpoint Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update deps with proto empty package Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> 2019-07-18 15:01:09 +02:00			`MF_JAEGER_URL: [Jaeger server URL]`
MF-164 - Split manager service (#266) 2018-05-10 23:53:25 +02:00			```

			`To start the service outside of the container, execute the following shell script:`

			```bash
			`# download the latest version of the service`
			`go get github.com/mainflux/mainflux`

			`cd $GOPATH/src/github.com/mainflux/mainflux`

MF-488 - Remove Thing type (app or device) (#718) * MF-488 - Remove Thing type (app or device) Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Typo fix Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> 2019-04-20 14:09:11 +02:00			`# compile the service`
MF-164 - Split manager service (#266) 2018-05-10 23:53:25 +02:00			`make users`

			`# copy binary to bin`
			`make install`

			`# set the environment variables and run the service`
MF-399 - Add open tracing support (#782) * Add open tracing dependencies Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to users service Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the things service Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the http adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the ws adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add open tracing to the CoAP adapter Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update LoRa adapter in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update SDK tests in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update bootstrap service in accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update reader services with accordance with changes Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update .env and docker-compose file Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Add jaeger and timeout env vars Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Fix broken test for can access by id endpoint Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> * Update deps with proto empty package Signed-off-by: Aleksandar Novakovic <anovakovic01@gmail.com> 2019-07-18 15:01:09 +02:00			MF_USERS_LOG_LEVEL=[Users log level] MF_USERS_DB_HOST=[Database host address] MF_USERS_DB_PORT=[Database host port] MF_USERS_DB_USER=[Database user] MF_USERS_DB_PASS=[Database password] MF_USERS_DB=[Name of the database used by the service] MF_USERS_DB_SSL_MODE=[SSL mode to connect to the database with] MF_USERS_DB_SSL_CERT=[Path to the PEM encoded certificate file] MF_USERS_DB_SSL_KEY=[Path to the PEM encoded key file] MF_USERS_DB_SSL_ROOT_CERT=[Path to the PEM encoded root certificate file] MF_USERS_HTTP_PORT=[Service HTTP port] MF_USERS_GRPC_PORT=[Service gRPC port] MF_USERS_SECRET=[String used for signing tokens] MF_USERS_SERVER_CERT=[Path to server certificate] MF_USERS_SERVER_KEY=[Path to server key] MF_JAEGER_URL=[Jaeger server URL] $GOBIN/mainflux-users
MF-164 - Split manager service (#266) 2018-05-10 23:53:25 +02:00			```

			`## Usage`

			`For more information about service capabilities and its usage, please check out`
			`the [API documentation](swagger.yaml).`

			`[doc]: http://mainflux.readthedocs.io`