2013-10-16 10:17:35 +04:00
Firefox Accounts Server
=======================
2013-05-14 01:42:49 +04:00
2014-03-22 03:10:46 +04:00
[![Build Status ](https://travis-ci.org/mozilla/fxa-auth-server.svg?branch=master )](https://travis-ci.org/mozilla/fxa-auth-server)
2013-11-21 06:14:03 +04:00
2013-10-16 10:17:35 +04:00
This project implements the core server-side API for Firefox Accounts. It
provides account, device and encryption-key management for the Mozilla Cloud
Services ecosystem.
2013-05-14 04:09:54 +04:00
2013-10-16 10:17:35 +04:00
[Overview ](/docs/overview.md )
2013-08-16 22:33:44 +04:00
2014-03-21 01:02:32 +04:00
[Detailed design document ](https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol )
2013-10-16 10:17:35 +04:00
[Detailed API spec ](/docs/api.md )
2013-06-18 02:18:57 +04:00
2014-05-16 09:59:47 +04:00
[Guidelines for Contributing ](/CONTRIBUTING.md )
2014-05-16 06:37:59 +04:00
2013-09-14 01:13:40 +04:00
## Prerequisites
* node 0.10.x or higher
* npm
2013-10-16 10:17:35 +04:00
* pgrep
* Usually available by default on Mac OS X 10.8+ and Linux.
* On older versions of Mac OS X, get it via: `brew install proctools` .
2013-09-14 01:13:40 +04:00
* libgmp
* On Linux: install libgmp and libgmp-dev packages
* On Mac OS X: `brew install gmp`
2013-05-14 04:09:54 +04:00
## Install
2014-07-16 17:58:40 +04:00
You'll need node 0.10.x or higher and npm to run the server. On some systems running the server as root will cause working directory permissions issues with node. It is recommended that you create a seperate, standard user to ensure a clean and more secure installation.
2013-05-14 04:09:54 +04:00
Clone the git repository and install dependencies:
2013-11-16 03:38:04 +04:00
git clone git://github.com/mozilla/fxa-auth-server.git
cd fxa-auth-server
2013-05-14 04:09:54 +04:00
npm install
2014-07-22 07:25:56 +04:00
To start the server in dev mode (ie. `NODE_ENV=dev` ), run:
2013-05-14 04:09:54 +04:00
npm start
2014-07-22 07:25:56 +04:00
This runs a script `scripts/start-local.sh` as defined in `package.json` . This will start up
4 services, three of which listen on the following ports (by default):
* `bin/key_server.js` on port 9000
* `test/mail_helper.js` on port 9001
* `./node_modules/fxa-customs-server/bin/customs_server.js` on port 7000
* `bin/notifier.js` (no port)
When you `Ctrl-c` your server, all 4 processes will be stopped.
2013-05-14 04:09:54 +04:00
## Testing
Run tests with:
npm test
2014-07-16 05:01:58 +04:00
* Note: stop the auth-server before running tests. Otherwise, they will fail with obscure errors.
2013-07-10 04:27:18 +04:00
## Reference Client
2014-06-03 22:15:36 +04:00
https://github.com/mozilla/fxa-js-client
2013-05-14 04:09:54 +04:00
2013-08-06 08:17:26 +04:00
## Dev Deployment
2013-08-09 07:53:01 +04:00
There is a development server running the moz-svc-dev AWS environment, at the following address:
2013-08-06 08:17:26 +04:00
2013-11-19 07:48:55 +04:00
https://api-accounts.dev.lcip.org/
2013-08-09 07:53:01 +04:00
2013-11-19 07:40:20 +04:00
It is managed using [awsbox ](http://awsbox.org/ ). You can force-push a particular version of the code by doing:
2013-08-09 07:53:01 +04:00
2013-11-19 07:40:20 +04:00
$> git remote add api-dev-lcip-org app@api-accounts.dev.lcip.org:git
$> git push api-dev-lcip-org HEAD:master
2013-08-09 07:53:01 +04:00
2013-08-26 05:27:53 +04:00
The dev deployment is configured to send emails via Amazon SES. If you need to re-create, or want to stand up a similar server, you will need to:
2013-08-06 08:17:26 +04:00
2013-08-26 05:27:53 +04:00
1. Obtain the SES SMTP credentials; ping @rfk or @zaach for details.
2. Deploy the new machine using awsbox.
3. Configure postfix to use the SES credentials:
1. Edit /etc/postfix/sasl_passwd to insert the SES credentials.
2. Run `/usr/sbin/postmap /etc/postfix/sasl_passwd` to compile them.
2013-11-02 02:21:16 +04:00
3. Edit /etc/postfix/main.cf to change 'relayhost' to the SES SMTP host
2014-01-02 08:26:13 +04:00
(typically "email-smtp.us-east-1.amazonaws.com:587").
2013-08-26 05:27:53 +04:00
4. Run `service postfix restart` to restart postfix.
2013-08-06 08:17:26 +04:00
2013-11-19 07:48:55 +04:00
There is also a "bleeding edge" development server that is configured to
auto-update itself from the latest github master. It may be useful for testing
out new protocol changes, but should be considered unstable for general
development use:
https://api-accounts-latest.dev.lcip.org/
2013-09-05 04:01:35 +04:00
### Configuration
2013-11-19 07:40:20 +04:00
To set the url of the [content server ](https://github.com/mozilla/fxa-content-server ), edit `config.json` on your deployed instance and add:
2013-09-05 04:01:35 +04:00
2013-11-19 07:40:20 +04:00
"contentServer": {
"url": "http://your.content.server.org"
2013-09-05 04:01:35 +04:00
}
2013-08-06 08:17:26 +04:00
2013-11-02 02:21:16 +04:00
## MySQL setup
### Install MySQL
#### Mac
Installation is easy with homebrew. I use mariadb which is a fork of mysql but either should work.
brew install mariadb
Follow the homebrew instructions for starting the server. I usually just do
mysql.server start
#### Linux
[Install MySQL ](http://bit.ly/19XPRZf ) and start it.
2014-05-22 08:16:41 +04:00
### Database Patches
Previously the database patches were contained in this repo and were run when the server started up (in development mode). However, there is a new backend service that this project will use as we go forward. Whilst the database connection and API code is still contained and used in this repo you should take a look at the [fxa-auth-db-server ](https://github.com/mozilla/fxa-auth-db-server/ ) repo for the SQL that you should run once you have your database set up, specifically the instructions on [Creating the Database ](https://github.com/mozilla/fxa-auth-db-server/#creating-the-database ). Note where the schema [patches ](https://github.com/mozilla/fxa-auth-db-server/tree/master/db/schema ) live, in case you need them.
As we switch over to the httpdb backend, the instructions here and in the *fxa-auth-db-server* repo will be updated to clarify this. We know this isn't optimal for now but it is temporary during this transition.
2013-11-02 02:21:16 +04:00
### Execution
Our test suite assumes mysql uses it's default configuration. See `config/config.js` for the override ENV variables if you have different root user password or other user. Now you should be able to run the test suite from the project root directory.
DB_BACKEND=mysql npm test
Or run the local server
DB_BACKEND=mysql npm start
### Cleanup
2013-11-19 07:40:20 +04:00
You may want to clear the data from the database periodically. I just drop the database:
2013-11-02 02:21:16 +04:00
2013-11-19 07:40:20 +04:00
mysql -uroot -e"DROP DATABASE fxa"
The server will automatically re-create it on next use.
2013-11-02 02:21:16 +04:00
2014-06-27 03:56:21 +04:00
## Using with FxOS
2014-06-27 03:58:20 +04:00
By default, FxOS uses the production Firefox Accounts server (`api.accounts.firefox.com/v1`). If you want to use a different account server on a device, you need to update a preference value `identity.fxaccounts.auth.uri` .
2014-06-27 03:56:21 +04:00
2014-06-27 03:58:20 +04:00
* Download this script: https://gist.github.com/edmoz/5596162
* `chmod +x modPref.sh; ./modPref.sh pull`
* Edit `prefs.js` to change `identity.fxaccounts.auth.uri` , e.g., add a line
2014-06-27 03:56:21 +04:00
```
user_pref("identity.fxaccounts.auth.uri", "https://api-accounts.stage.mozaws.net/v1");
```
2014-06-27 03:58:20 +04:00
* `./modPref.sh push prefs.js`
2014-06-27 03:56:21 +04:00
2013-05-14 04:09:54 +04:00
## License
MPL 2.0