authenzify/README.md

server to manage authentication authorization of users and more

#Authenzify

- This repository is not ready yet, is on progress. Please do not use it yet.

- Generate keys example:
  - openssl ecparam -name prime256v1 -genkey -noout -out ec-private-key.pem
  - openssl ec -in ec-private-key.pem -pubout -out ec-public-key.pem

- config file:
  /\*\*

* @typedef {Object} JwtOptions
* @property {string} issuer - JWT issuer (e.g. company name)
* @property {string} subject - JWT subject (e.g. user email)
* @property {string} audience - JWT audience (e.g. service URL)
* @property {string|number} expiresIn - Token expiration time (e.g. '12h')
* @property {string} algorithm - JWT algorithm, e.g. 'ES256'
  \*/

/\*\*

- @typedef {Object} StorageOptions
- @property {string} dbName - Name of the MongoDB database
- @property {Object.<string, any>} [otherOptions] - Additional options
  \*/

/\*\*

- @typedef {Object} StorageConfig
- @property {'mongodb'} type - Type of storage (currently only MongoDB supported)
- @property {string} uri - MongoDB connection URI
- @property {StorageOptions} options - Additional storage options
  \*/

/\*\*

- @typedef {Object} EmailTemplatePaths
- @property {string} from - Path to the "from" template
- @property {string} html - Path to the HTML body template
- @property {string} subject - Path to the subject template
  \*/

/\*\*

- @typedef {Object} EmailTemplates
- @property {EmailTemplatePaths} activation
- @property {EmailTemplatePaths} forgotPassword
- @property {EmailTemplatePaths} onVerification
- @property {EmailTemplatePaths} permissionsRequest
- @property {EmailTemplatePaths} permissionsApprovedToUser
  \*/

/\*\*

- @typedef {Object} EmailProviderSettings
- @property {string} from - Default sender email
- @property {string} host - SMTP host (e.g. 'gmail')
- @property {number} port - SMTP port
- @property {boolean} secure - Whether to use TLS
- @property {{ user: string, pass: string }} auth - Authentication details
  \*/

/\*\*

- @typedef {Object} EmailProvider
- @property {string} provider - Email provider name (e.g. 'nodemailer')
- @property {EmailProviderSettings} settings
- @property {EmailTemplates} emailTemplates
  \*/

/\*\*

- @typedef {Object} UsersManagementServerConfig
- @property {string[]} onSignUpFirstBasePermissions - Default permissions assigned at sign-up
- @property {string} clientDomain - Public domain for client
- @property {string} applicationName - Application name
- @property {string} activationVerificationRoute - URL route for activation link
- @property {string} domain - API or frontend domain
- @property {string} activateUserBy - Mode of user activation (from ACTIVATE_USER_BY)
- @property {string} passwordPolicy - Regex pattern for valid passwords
- @property {string} usernamePolicy - Optional username policy (empty if not enforced)
- @property {StorageConfig} storage - Storage configuration (e.g. MongoDB)
- @property {number} saltLength - Salt length for password hashing
- @property {string} passwordPrivateKey - Key used in password encryption
- @property {string} privateKey - JWT signing private key
- @property {string} publicKey - JWT verification public key
- @property {JwtOptions} jwtOptions - JWT-related settings
- @property {string} authorizationCookieKey - Cookie key for storing JWT
- @property {boolean} setCookieOnSignIn - Whether to set cookie after sign-in
- @property {EmailProvider} emailProvider - Email provider settings and templates
- @property {boolean|Object} logger - Logging config or false if disabled
- @property {string} resetPasswordRoute - Reset password verification URL
- @property {string} didNotAskedToResetPasswordRoute - Alternate route if user didn’t request reset
- @property {Object.<string, any>} [customOverrides] - Additional config overrides
  \*/