Added some extra information about auth (and included demo api credentials)

This commit is contained in:
Thom Werring 2024-03-27 08:30:35 +01:00
parent 75b459b10f
commit 135f23da75
2 changed files with 25 additions and 3 deletions

View File

@ -14,6 +14,29 @@ Alternatively, it is possible to use your own mysql database, and run the code l
4. Run `npm run build` to build the nestjs application
5. Run `npm run start:prod` to start the nestjs application
After starting the application will run on http://localhost:3000/
## Documentation
The full endpoint documentation can be found on http://localhost:3000/api.
Here you can find which endpoints there are, and how to authenticate.
### Authentication
For the Authentication I went with an base64 encoded authentication string consisting of 2 parts.
The first part is the ApiKey, which is stored in the authentication database.
The second part is a secret that is being used as a password.
In the database we have stored 2 values, the ApiKey and a digest.
This digest is creating by using HMAC with the api secret as password, using a sha256 to hash the ApiKey.
This way there is no full api key stored in the database.
#### Demo example
In this demo you can use `eG5nVnZGaWtCMFN6NjRRaWQ2TUJsUTJWaDpjeGg1R3FKRUl0UTlzSGRQdElGMGg0bFJp` for the requests.
This decodes to `xngVvFikB0Sz64Qid6MBlQ2Vh:cxh5GqJEItQ9sHdPtIF0h4lRi`.
The first part `xngVvFikB0Sz64Qid6MBlQ2Vh` is stored in the database, but the second part is not stored anywhere.
## Receiving Tracking information
When receiving Tracking information, the following steps need to be completed to process the data
```mermaid
@ -27,8 +50,7 @@ flowchart TD
sendNotification[/Send notification\]
receiveTracking -- "`
**Tracking data**
receiveTracking -- "`**Tracking data**
carrierName:**string**
destinationUnLoCode:**string**
departureDate:**string[_datetime_]**

View File

@ -2,7 +2,7 @@ services:
api:
build: .
ports:
- "3001:3000"
- "3000:3000"
command: "npm run start:prod"
depends_on:
- database