Authentication API

Introduction

Welcome to the FabricBloc Authentication Service - a modern, secure, and comprehensive authentication solution designed for the digital age. This service provides everything you need to manage user identities, from traditional email/password authentication to advanced features like passwordless login and social authentication.

What is FabricBloc Auth?

FabricBloc Auth is a microservice that handles all authentication-related operations for applications. It's built with security, scalability, and user experience in mind, offering multiple ways for users to access their accounts while maintaining the highest security standards.

Key Features

• Multiple Authentication Methods: Email/password, passwordless login, and social login

• Secure OTP System: One-time passwords for verification and security

• JWT Token Management: Secure access and refresh tokens

• User Profile Management: Complete user profile with customizable fields

• Email Notifications: Automated email delivery for OTPs and account updates

• Rate Limiting: Protection against abuse and brute force attacks

• Health Monitoring: Built-in service health checks

Service Overview

Current Version

• Version: 0.1.0

• Status: Development Ready

• Last Updated: 2025

Base URLs

• Production: https://api.dev.fabricbloc.com/

• API Base: https://api.dev.fabricbloc.com/v1/auth

• API Documentation: http://auth.fabric.test:8000/api/v1/swagger/

Current Modules & Features

1. User Management Module

   Purpose: Handles user registration, profile management, and account operations. Features:

   • User registration with email verification

   • Profile creation and updates

   • Account status management

   • User data retrieval

   User Profile Fields:

   • id: Unique user identifier

   • email: Primary email address

   • first_name: User's first name

   • last_name: User's last name

   • date_joined: Account creation date

   • is_online: Online status indicator

   • date_of_birth: Birth date (optional)

   • bio: Personal biography (optional, max 500 characters)

   • authentication_type: The authentication method used by the user for the provided email address.

   • is_verified: Whether user verified their identity

   • wallet_address: Wallet address of the user (Optional)

2. Authentication Module

   Purpose: Manages all authentication-related operations. Features:

   • Traditional email/password login

   • Passwordless authentication via OTP

   • JWT token generation and management

   • Session management

   • Password reset and change functionality

3. OTP (One-Time Password) Module

   Purpose: Provides secure verification through temporary codes. Features:

   • 6-digit OTP generation

   • 3-minute validity period

   • Multiple OTP contexts (login, signup, password reset, email change)

   • Rate limiting (3 requests per 30 seconds)

   • Email delivery via SendGrid

4. Email Notification Module

   Purpose: Handles all email communications with users. Features:

   • Provider-agnostic email system

   • SendGrid integration

   • Template-based email delivery

   • Dynamic content support

   • Error handling and logging

5. Security Module

   Purpose: Ensures service security and protects user data. Features:

   • JWT token authentication

   • Rate limiting protection

   • Secure password storage

   • CORS configuration

   • Input validation and sanitization