# venus-auth

venus-auth is the unified authorization service of venus chain services (venus shared modules/components).

  • Permission validation
  • Trace collection
  • RESTful API
  • Manage users
  • Request rate limit

# Start venus-auth

Download source code.

git clone https://github.com/filecoin-project/venus-auth.git



Start daemon.

$ ./venus-auth run

# Configurations

# Service Ports
Port = "8989"
ReadTimeout = "1m"
WriteTimeout = "1m"
IdleTimeout = "1m"

  # Supports: badger (default), mysql
  type = "badger"
  # following params only applies to MySQL
  DSN = "rennbon:111111@("
  # conns 1500 concurrent
  maxOpenConns = 64
  maxIdleConns = 128
  maxLifeTime = "120s"
  maxIdleTime = "30s"

  # trace, debug, info, warning, error, fatal, panic
  # default log level
  logLevel = trace
  # db type, 1 -> influxDB
  type = 1
  # db hook switch
  hookSwitch = true

  # enable trace or not
  JaegerTracingEnabled = true
  # collection rate
  ProbabilitySampler = 1.0
  JaegerEndpoint = ""
  ServerName = "venus-auth"


Default config file path is ~/.venus-auth/config.tml.

# CLI commands

Check help informations.

./venus-auth -h

   venus-auth - A new cli application

   venus-auth [global options] command [command options] [arguments...]


   run      run venus-auth daemon
   token    token command
   user     user command
   help, h  Shows a list of commands or help for one command

   --config value, -c value  config dir path
   --help, -h                show help (default: false)
   --version, -v             print the version (default: false)

# Notable commands

Generate tokens.

$ ./venus-auth token gen --perm admin testminer

# output
generate token success: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6ImFkbWluIiwiZXh0IjoiIn0.8yNodOcALJ8fy4h-Hh5yLfaR27cD4a8ePd9BkmWlfEo

List all tokens

# show help
$ ./venus-auth token list -h
   venus-auth token list - list token info

   venus-auth token list [command options] [arguments...]

   --skip value   (default: 0)
   --limit value  max value:100 (default: 20) (default: 20)
   --help, -h     show help (default: false)

$ ./venus-auth token list

# output
num    name             perm    createTime              token
1      testminer1       read    2021-05-27 15:33:24     eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6InJlYWQiLCJleHQiOiIifQ.7BRN8IXzK9Gpe35OPgCelTC79UuirgM23mO7fHxKr2Q
2      testminer2       sign    2021-05-27 15:33:15     eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6InNpZ24iLCJleHQiOiIifQ.D_IFz2qZjFRkLJEzmv4HkZ3rZxukYoYZXEjlBKZmGOA
3      testminer3       admin   2021-07-21 16:46:29     eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6ImFkbWluIiwiZXh0IjoiIn0.8yNodOcALJ8fy4h-Hh5yLfaR27cD4a8ePd9BkmWlfEo
4      testminer4       admin   2021-05-27 15:33:19     eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6ImFkbWluIiwiZXh0IjoiIn0.oakIfSg1Iiv1T2F1BtH1bsb_1GeXWuirdPSjvE5wQLs
5      testminer5       write   2021-05-27 15:33:29     eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6IndyaXRlIiwiZXh0IjoiIn0.yVC2lZlmBQAxThTt0pLXH9cZgUZuuM6Us19aUw4DWNQ

Get token

./venus-auth token get --name [name] or --token [token]

./venus-auth token get --name testminer2

# output
name:        testminer2
perm:        sign
create time: 2021-05-27 15:33:15 +0800 CST
token:       eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6InNpZ24iLCJleHQiOiIifQ.D_IFz2qZjFRkLJEzmv4HkZ3rZxukYoYZXEjlBKZmGOA

Remove token.

$ ./venus-auth token rm eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6ImFkbWluIiwiZXh0IjoiIn0.8yNodOcALJ8fy4h-Hh5yLfaR27cD4a8ePd9BkmWlfEo

# output
remove token success: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6ImFkbWluIiwiZXh0IjoiIn0.8yNodOcALJ8fy4h-Hh5yLfaR27cD4a8ePd9BkmWlfEo

Recover token

./venus-auth token recover eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6ImFkbWluIiwiZXh0IjoiIn0.8yNodOcALJ8fy4h-Hh5yLfaR27cD4a8ePd9BkmWlfEo

# output
recover token success: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoidGVzdG1pbmVyIiwicGVybSI6ImFkbWluIiwiZXh0IjoiIn0.8yNodOcALJ8fy4h-Hh5yLfaR27cD4a8ePd9BkmWlfEo

Add user.

$ ./venus-auth user add testminer2

# output
add user success: f29d524a-1589-4784-b934-5b3432290f79, next can add miner for this user

Query user.

$ ./venus-auth user get testminer2

# output
name: testminer2
sourceType: 0   // miner:1
state 0         // 0: disable, 1: enable
createTime: Wed, 21 Jul 2021 16:56:50 CST
updateTime: Wed, 21 Jul 2021 16:56:50 CST

List users.

# show help
$ ./venus-auth user list -h
   venus-auth user list - list users

   venus-auth user list [command options] [arguments...]

   --skip value        (default: 0)
   --limit value       (default: 20)
   --state value       (default: 0)
   --sourceType value  (default: 0)
   --help, -h          show help (default: false)

$ ./venus-auth user list

# output
number: 1
name: testminer
sourceType: 0   // miner:1
state 0         // 0: disable, 1: enable
comment: test
createTime: Mon, 31 May 2021 18:41:55 CST
updateTime: Mon, 31 May 2021 18:41:55 CST

number: 2
name: li_sealer
sourceType: 0   // miner:1
state 0         // 0: disable, 1: enable
comment: li
createTime: Tue, 01 Jun 2021 14:35:35 CST
updateTime: Tue, 01 Jun 2021 14:35:35 CST

Update user.

# show help
$ ./venus-auth user udpate -h
   venus-auth user update - update user

   venus-auth user update [command options] [arguments...]

   --name value
   --comment value
   --sourceType value  (default: 0)
   --state value       (default: 0)
   --help, -h          show help (default: false)

$ ./venus-auth user update --name testminer2 --state 1

# output
update user success

Check if miner exists.

$ ./venus-auth user has f01570

# output

Activate user.

./venus-auth user active testminer2

# output
active user success

Remove user

./venus-auth user rm testminer2

# output
remove user success

Recover user

./venus-auth user recover testminer2

# output
recover user success

Add miner

./venus-auth user miner testminer2 f010101

# output
create user:testminer2 miner:f010101 success.

List miners by user

./venus-auth user miner list testminer2

# output
user: testminer2, miner count:1
idx  miner    create-time                    
0    f010101  Tue, 24 May 2022 16:58:49 CST 

Remove miner

./venus-auth user miner rm f010101

# output
remove miner:f010101 success.
$ ./venus-auth user rate-limit -h

# output
   venus-auth user rate-limit - A new cli application

   venus-auth user rate-limit command [command options] [arguments...]

   add      add user request rate limit
   update   update user request rate limit
   get      get user request rate limit
   del      delete user request rate limit
   help, h  Shows a list of commands or help for one command

   --help, -h  show help (default: false)

Add rate limit.

# show help
   venus-auth user rate-limit add - add user request rate limit

   venus-auth user rate-limit add [command options] user rate-limit add <name> <limitAmount> <duration(2h, 1h:20m, 2m10s)>

   --id value  rate limit id to update
   --help, -h  show help (default: false)

$ ./venus-auth user rate-limit add testminer2 10 1m

# output
upsert user rate limit success: dee7e326-3b8b-4e38-9de7-1bee9bdffa9d

Update rate limit.

$ ./venus-auth user rate-limit update testminer2 dee7e326-3b8b-4e38-9de7-1bee9bdffa9d 100 1m

# output
upsert user rate limit success: dee7e326-3b8b-4e38-9de7-1bee9bdffa9d

Query rate limit.

$ ./venus-auth user rate-limit get testminer2

# output
user:testminer2, limit id:dee7e326-3b8b-4e38-9de7-1bee9bdffa9d, request limit amount:100, duration:0.02(h)

Remove rate limit.

$ ./venus-auth user rate-limit del testminer2 dee7e326-3b8b-4e38-9de7-1bee9bdffa9d

# output
delete rate limit success, dee7e326-3b8b-4e38-9de7-1bee9bdffa9d