Authix - Authentication as a service

Project description

Authix: Scalable Authentication Service

Welcome to Authix, an authentication service designed based on a talk by Brian Pontarelli.

Authix provides a comprehensive solution for user authentication, built on the principles of JWT (pronounced 'jot') and refresh tokens.

Key Features

User Registration: Users can sign up using their email and password. Users are stored in MongoDB.
User Login: Upon successful login, users receive:
- A JWT access token in the Authorization header for immediate access.
- A longer-lived refresh token as an HTTP cookie for extended sessions.
Access Token Management: Generate new JWT access tokens using the provided refresh token, ensuring seamless user experiences.
Public Key: Services can verify JWTs independently via public key, thereby reducing inter-service network calls.
Secure Logout: Users are logged out by deleting their refresh token from storage, which thereby removes the possibility to create new access tokens. Furthermore, it informs all connected services via Kafka to reject JWTs from the logged-out user, that have been created prior to logging out.
Token Lifespan:
- JWT access tokens are valid for 5 minutes.
- Refresh tokens, stored in REDIS, last for 4 weeks.

Diagrams

User Perspective

graph TB
  A["User"] -- "Register" --> B["/register"]
  A -- "Login" --> C["/login"]
  C -- "JWT & Refresh Token" --> A
  A -- "Use Refresh Token" --> D["/access_token"]
  D -- "New JWT" --> A
  A -- "Logout" --> E["/logout"]

Service Perspective

graph TB
  S["Service"] -- "Retrieve Public Key" --> PK["/public_key"]
  S -- "Verify JWT" --> V["Verify JWT using Public Key"]
  S -- "Handle Logout Broadcast" --> L["Reject soon-to-expire JWTs"]

Performance

On a single computer, running Authix via uvicorn with 16 workers, expect:

Create 1K users

1000 /register

2.97 seconds

Create 1K users, and login each user.

1000 /register
1000 /login

6.28 seconds

Create 10 users, for each user login, and call /access_token 1K times.

10 /register
10 /login
10000 /access_token

3.43 seconds

Project details

Release history Release notifications | RSS feed

This version

0.0.7

Feb 15, 2024

0.0.6

Feb 15, 2024

0.0.5

Feb 15, 2024

0.0.4

Aug 22, 2022

0.0.3

Aug 22, 2022

0.0.1

Aug 22, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

authix-0.0.7.tar.gz (14.1 kB view details)

Uploaded Feb 15, 2024 Source

Built Distribution

authix-0.0.7-py3-none-any.whl (25.5 kB view details)

Uploaded Feb 15, 2024 Python 3

File details

Details for the file authix-0.0.7.tar.gz.

File metadata

Download URL: authix-0.0.7.tar.gz
Upload date: Feb 15, 2024
Size: 14.1 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.0.0 CPython/3.9.18

File hashes

Hashes for authix-0.0.7.tar.gz
Algorithm	Hash digest
SHA256	`7da57be9a99312ab7f79fa273c8740ab5bc2f5dad5a29cf0212fdbb0c4918c8d`
MD5	`95e23306fb6db88eae459df8a8daac94`
BLAKE2b-256	`d2bf285973a2bfe1d20c3c55bf7570eb86c9f82fba3125ab26ad42cdcd997eac`

See more details on using hashes here.

File details

Details for the file authix-0.0.7-py3-none-any.whl.

File metadata

Download URL: authix-0.0.7-py3-none-any.whl
Upload date: Feb 15, 2024
Size: 25.5 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.0.0 CPython/3.9.18

File hashes

Hashes for authix-0.0.7-py3-none-any.whl
Algorithm	Hash digest
SHA256	`0041c992068d19b747ac1f527b389c05b04d2cda180c29c7e933d85d73d06f71`
MD5	`4c1dcba72f06750789414f79bb5f10aa`
BLAKE2b-256	`68f177a2175b03d1a0c5a0da5bec9152c359b2a98a837d80999ac33f68404afe`