leviolson
/
guardian-api-proxy
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

Create README

master
Levi Olson 8 years ago
parent
b8efd506bf
commit
da93f68fb8
1 changed files with 45 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +45
    -0
      README.md

+ 45
- 0
README.md View File

@ -0,0 +1,45 @@
# Guardian API Proxy #
A single proxy server to authenticate requests to multiple internal APIs. Experimenting with using Node.js as a single point of entry to access internal APIs. The idea being you have _a single_ entry point so APIs can remain inaccessible to the outside world and you only have to edit a single point when making security enhancements. Individual APIs are secured by having to pass a `client_id`, `username`, and `password` along with the request. This is validated early in the request.
Added benefits include:
* A single database change to the `client_id` and you have re-secured access, if for some reason a malicious intent is discovered. At that point, the method of entry can be addressed, and new `client_id`s can be distributed (typically in the form of an app update).
* In the use-case of mobile apps, changing the `client_id` can also be detected, and this can be the basis for forcing an app update (i.e. trigger a popup to download new version from app store).
* Logging API traffic is now made *super simple* and analytics become a natural/inherent part of this service.
* And a lot more...
An example of how this is intended to work is as follows:
* Let's say we have an API that returns a list of books when we navigate to http://example.com/api/books.
* We associate a `client_id` of `bookapiv01` to the base url above in a database (in real world use, this should be a completely random generated string so as not to be guessable).
* Our "guardian" service is setup at https://guardian.serverexample.com/.
* We send a post request to our new guardian server (including the uri string) which includes the following:
* `https://guardian.serverexample.com/api/books` is the url
* `client_id = booksapiv01`
* `username = allowedusername`
* `password = reallysecurepw`
* `_method = GET` (optional)
* `params = {"author":"bill"}` (optional)
* The resulting response is the list of books as if we queried the API directly. Only we successfully authenticated the request and have all the benefits mentioned above.
* Version 0.0.1 (the alpha's alpha)
### Installation ###
* `git clone git@github.com:leothelocust/guardian-api-proxy.git`
* `npm install`
* `node` or `nodemon app.js`
* Voila! It workie.
### Contribution guidelines ###
* Write tests
* Then code
* Code review
* 4 spaces (no tabs)
* Submit pull request
### Contact ###
* Levi Olson <leothelocust> on Github

Write Preview
Loading…
Cancel
Save