Introduction

This page will help you get started with QAuth.

QAuth

QAuth is a robust, multi-tenant authentication and authorization service. It provides comprehensive user management, role-based access control, and API key management capabilities.

Features

  • 🔐 Multi-tenant authentication and authorization
  • 👥 User management with role-based access control (RBAC)
  • 🔑 API key management
  • 📧 Email and SMS-based MFA
  • 📨 Customizable email templates
  • 🚀 Invitation system for user onboarding
  • 🌍 Internationalization support (English/Arabic)
  • 🔄 Redis caching for improved performance
  • Authentication: JWT and API Keys
  • MFA: Email/SMS OTP

API Documentation

Authentication Endpoints (/auth)

  • POST /auth/login - User login
  • POST /auth/token/validate - Validate authentication token
  • POST /auth/forgot-password - Initiate password reset
  • POST /auth/reset-password - Reset password
  • POST /auth/change-password - Change password
  • POST /auth/verify-otp - Verify OTP code
  • POST /auth/token/refresh - Refresh access token

User Management (/organization/:org_id/users)

  • POST /users - Create new user
  • GET /users - List all users
  • GET /users/:id - Get user details
  • PUT /users/:id - Update user
  • DELETE /users/:id - Delete user
  • POST /users/search - Search users

Role Management (/organization/:org_id/roles)

  • POST /roles - Create role
  • GET /roles - List all roles
  • GET /roles/:id - Get role details
  • PUT /roles/:id - Update role
  • DELETE /roles/:id - Delete role
  • POST /roles/search - Search roles

Permission Management (/organization/:org_id/permissions)

  • POST /permissions - Create permission
  • GET /permissions - List all permissions
  • GET /permissions/:id - Get permission details
  • PUT /permissions/:id - Update permission
  • DELETE /permissions/:id - Delete permission
  • POST /permissions/search - Search permissions

API Key Management (/organization/:org_id/apikeys)

  • POST /apikeys - Create API key
  • GET /apikeys - List all API keys
  • GET /apikeys/:id - Get API key details
  • DELETE /apikeys/:id - Delete API key
  • POST /apikeys/validate - Validate API key
  • POST /apikeys/search - Search API keys

Tenant Management (/tenant/:tenant_id)

  • POST /tenants - Create tenant
  • GET /tenants - List all tenants
  • GET /tenants/:id - Get tenant details
  • PUT /tenants/:id - Update tenant
  • DELETE /tenants/:id - Delete tenant
  • POST /tenants/search - Search tenants
  • POST /tenants/:id/api-keys - Create tenant API key
  • DELETE /tenants/:id/api-keys/:keyId - Delete tenant API key

Invitation Management (/organization/:org_id/invitations)

  • POST /invitations/create - Create invitation
  • GET /invitations/list - List invitations
  • POST /invitations/cancel - Cancel invitation
  • POST /invitations/search - Search invitations
  • GET /invitations/verify/:token - Verify invitation token

Email Template Management (/tenant/:tenant_id/email-templates)

  • POST /email-templates - Create template
  • GET /email-templates - List templates
  • PUT /email-templates/:id - Update template
  • DELETE /email-templates/:id - Delete template
  • POST /email-templates/search - Search templates
  • POST /email-templates/render - Render template

Project Structure

  • src/common/: Contains shared utilities, guards, and middleware used across the application
  • src/config/: Configuration files for different environments and services
  • src/migrations/: Database migration files for schema updates
  • src/modules/: Feature modules, each containing its own controllers, services, DTOs, and entities
  • src/seeds/: Database seed files for initial data setup
  • test/: Contains e2e tests and test configurations
  • dist/: Contains the compiled JavaScript code
  • .env.*: Environment-specific configuration files
  • package.json: Project metadata and dependencies
  • tsconfig.json: TypeScript compiler configuration

Security Features

  • JWT-based authentication
  • API key authentication
  • Role-based access control
  • Multi-factor authentication
  • Request validation
  • SQL injection prevention
  • XSS protection