Identity Service

User authentication service with JWT token issuance and TOTP-based two-factor authentication.

Features

User registration and login
JWT access tokens
TOTP-based 2FA with recovery codes
Bearer token middleware

Quick Start

# Start shared infrastructure first
docker compose -f infra/docker/docker-compose.yaml up -d

# Development mode (hot reload)
docker compose --profile dev up identity-dev identity-postgres

# Production mode
docker compose up identity identity-postgres

Local Development

POSTGRES_HOST=localhost \
POSTGRES_PORT=5432 \
POSTGRES_DATABASE=auction \
POSTGRES_USERNAME=postgres \
POSTGRES_PASSWORD=postgres \
JWT_SECRET=your-secret-key \
PORT=8080 \
go run main.go

API Endpoints

Method	Path	Auth	Description
POST	`/register`	Public	Create user account
POST	`/login`	Public	Authenticate, get JWT
POST	`/2fa/challenge`	Public	Exchange temp JWT + OTP for access token
GET	`/me`	Bearer	Get user profile
POST	`/2fa/enable`	Bearer	Generate TOTP secret
POST	`/2fa/verify`	Bearer	Verify OTP, get recovery codes
POST	`/2fa/disable`	Bearer	Disable 2FA
GET	`/2fa/recovery-codes`	Bearer	Retrieve recovery codes

Two-Factor Authentication

Enable 2FA

POST /2fa/enable → Returns otpauth:// URL
Scan QR code with authenticator app
POST /2fa/verify with OTP → Returns recovery codes

Login with 2FA

POST /login → Returns 202 Accepted + temporary JWT (1h TTL)
POST /2fa/challenge with { "jwt": "<temp>", "code": "123456" } → Returns access token

Disable 2FA

POST /2fa/disable → Returns 204, reverts to password-only login

Configuration

Variable	Default	Description
`PORT`	`8080`	HTTP listener port
`POSTGRES_HOST`	`identity-postgres`	Database host
`POSTGRES_PORT`	`5432`	Database port
`POSTGRES_DATABASE`	`auction`	Database name
`POSTGRES_USERNAME`	`postgres`	Database user
`POSTGRES_PASSWORD`	`postgres`	Database password
`POSTGRES_SSLMODE`	`disable`	SSL mode
`JWT_SECRET`	-	JWT signing secret (required)

Database

Schema: infra/postgres/migrations/001_create_users.sql

users table with password hash, 2FA secret, recovery codes
Passwords are SHA-256 hashed
Recovery codes stored as JSON

Reset Database

docker compose down -v
docker compose up

Project Structure

identity/
├── main.go                 # Entry point + routes
├── app/identity/           # HTTP handlers
├── domain/                 # User entity
├── internal/middleware/    # Bearer auth
├── infra/postgres/         # Repository + migrations
└── pkg/
    ├── config/             # Viper config
    ├── httperror/          # Error handling
    ├── jwt/                # Token utilities
    └── totp/               # 2FA implementation

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
app		app
cmd/api		cmd/api
domain		domain
infra		infra
internal/middleware		internal/middleware
pkg		pkg
.air.toml		.air.toml
.dockerignore		.dockerignore
.env.example		.env.example
.gitignore		.gitignore
Dockerfile		Dockerfile
README.md		README.md
docker-compose.yaml		docker-compose.yaml
go.mod		go.mod
go.sum		go.sum

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Identity Service

Features

Quick Start

Local Development

API Endpoints

Two-Factor Authentication

Enable 2FA

Login with 2FA

Disable 2FA

Configuration

Database

Reset Database

Project Structure

About

Uh oh!

Releases

Packages

Uh oh!

Languages

GoAuction/identity

Folders and files

Latest commit

History

Repository files navigation

Identity Service

Features

Quick Start

Local Development

API Endpoints

Two-Factor Authentication

Enable 2FA

Login with 2FA

Disable 2FA

Configuration

Database

Reset Database

Project Structure

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages