distributed-auth-system

command module
v0.0.0-...-4b4fa20 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 16, 2025 License: MIT Imports: 1 Imported by: 0

README

Still WIP (Work in progress)

Distributed Authorization and Authentication System

A distributed authorization and authentication system inspired by blockchain node architectures, emphasizing data consistency, network communication, and consensus management.

Features

  • Data Storage

    • Key-value data store with Merkle tree structure for efficient data integrity validation
    • LevelDB for lightweight, persistent storage
    • Redis caching layer for optimized read operations
    • Local ledger that periodically syncs with trusted peers

  • Network Communication

    • gRPC for efficient, bidirectional communication between nodes
    • Pub/sub model with publisher and subscriber goroutines
    • Rate-limiting and backoff strategies for network stability

  • Consensus Mechanism

    • Lightweight Raft consensus algorithm for data consistency
    • Leader elections and quorum maintenance
    • Majority consensus for transaction commitment

  • Synchronization and Fault Tolerance

    • Checkpointing system for state snapshots
    • Hash-based state verification for data synchronization
    • Bloom filters for efficient identification of missing data

  • Security Enhancements

    • End-to-end encryption using TLS
    • ECDSA signatures for transaction authentication

Architecture

The system is composed of the following components:

  1. DataStore: Manages data storage using LevelDB and Redis
  2. MerkleTree: Provides data integrity validation
  3. ConsensusManager: Implements the Raft consensus algorithm
  4. NetworkManager: Handles communication between nodes
  5. SecurityManager: Manages TLS and ECDSA signatures
  6. SyncManager: Handles state synchronization between nodes
  7. CheckpointManager: Manages checkpointing for fault tolerance

Requirements

  • Go 1.23 or higher
  • Redis server
  • LevelDB

Installation

  1. Clone the repository:

    git clone https://github.com/GooseFuse/distributed-auth-system.git
cd distributed-auth-system

  2. Install dependencies:

    go mod download

Running the System

Starting a Node
go run . -node=node1 -port=:50051 -db=./data -redis=localhost:6379 -tls=false

Command-line flags:

  • -node: Node ID (default: "node1")
  • -port: Port to listen on (default: ":50051")
  • -db: Path to database (default: "./data")
  • -redis: Redis address (default: "localhost:6379")
  • -tls: Use TLS (default: false)
Running Multiple Nodes

To run a cluster of nodes, start multiple instances with different node IDs and ports:

# Terminal 1
go run . -node=node1 -port=:50051

# Terminal 2
go run . -node=node2 -port=:50052

# Terminal 3
go run . -node=node3 -port=:50053
Using the Client

A client application is provided to interact with the system. The client allows you to store data, retrieve data, and simulate user authentication.

To build and run the client:

# Navigate to the client directory
cd client

# Download dependencies
go mod tidy

# Build the client
go build -o auth-client

# Run the client (examples)
./auth-client -op=store -key=user123 -value=password456
./auth-client -op=get -key=user123
./auth-client -op=auth -key=user123 -value=password456

For more details on using the client, see the client README.

Running the Demo

A demo script is provided to demonstrate how to run a cluster of nodes and interact with them using the client:

docker-compose up --build

The demo script:

  1. Builds the distributed auth system and client
  2. Starts docker containers:
    • Redis
    • 3x Auth-Nodes
    • Client
  3. Demonstrates client operations (store, get, authenticate)

System Components

Data Storage

The data storage layer uses LevelDB for persistent storage and Redis for caching. It also implements a Merkle tree for data integrity validation.

// Store data
dataStore.StoreData("key", "value")

// Retrieve data
value, err := dataStore.GetData("key")
Consensus

The consensus layer implements the Raft algorithm for leader election and log replication.

// Propose a transaction
success, err := consensusManager.ProposeTransaction("key", "value")
Network Communication

The network layer handles communication between nodes using gRPC.

// Broadcast a transaction to all peers
networkManager.BroadcastTransaction("key", "value")
Security

The security layer provides TLS encryption and ECDSA signatures.

// Sign data
signature, err := securityManager.SignData(data)

// Verify signature
isValid := securityManager.VerifySignature(data, signature, publicKey)

Development

Project Structure
  • client/: Client application for interacting with the system
    • client.go: Client implementation
    • run-demo.sh: Demo script for automating client requests
  • protoc/: .proto definitions
  • system/: Auth-node implementation
    • data_storage.go: Data storage implementation
    • consensus.go: Raft consensus implementation
    • network.go: Network communication implementation
    • security.go: Security features implementation
    • sync.go: Synchronization and checkpointing implementation
    • grpc_service.go: gRPC service implementation
  • main.go: Main application entry point
  • transaction.proto: Protocol buffer definition
  • docker-compose.yaml: Demo script for running a cluster of nodes
  • Dockerfile: Building the auth-node container
  • Dockerfile.client: Building the auth-client container
  • .gitignore: Specifies files and directories to be excluded from version control
  • LICENSE: MIT license file
Adding New Features
  1. Define the feature in the appropriate file
  2. Update the gRPC service if needed
  3. Add tests for the new feature
  4. Update documentation
Regenerating proto
protoc --proto_path=. --go_out=paths=source_relative:. --go-grpc_out=paths=source_relative:. protoc/transaction.proto
Version Control

The project includes a .gitignore file that excludes the following from version control:

  • Compiled binaries and executables
  • Test files and coverage reports
  • Dependency directories
  • IDE-specific files
  • OS-specific files
  • Data directories and nodes directory (data/, nodes/)
  • Database files (*.db, *.log, *.ldb)
  • Redis dumps
  • Certificate files
  • Checkpoint files
  • Temporary files
  • Environment variable files

This ensures that only the source code and necessary configuration files are committed to the repository.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
system
datastore
interfaces
network
node
node/blockchain
node/raft
security

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.