Module Structure - Wiz-DevTech/prettygirllz GitHub Wiki
identity-access/
├── core/ # Business logic
│ ├── auth/ # Authentication
│ │ ├── authenticator.js # Main auth logic
│ │ ├── strategies/ # Auth strategies (JWT, OAuth, etc.)
│ │ └── auth.spec.js # Unit tests
│ │
│ ├── authz/ # Authorization
│ │ ├── policy-manager.js # RBAC/ABAC policies
│ │ └── authz.spec.js
│ │
│ └── token/ # Token service
│ ├── token-provider.js # JWT/Opaque tokens
│ └── token.spec.js
│
├── adapters/ # External integrations
│ ├── http/ # REST API layer
│ │ ├── auth-router.js # Express/Fastify routes
│ │ └── error-handler.js # API error formatting
│ │
│ ├── grpc/ # gRPC service layer
│ │ ├── authz-service.proto # Protocol buffers
│ │ └── server.js # gRPC implementation
│ │
│ └── database/ # Persistence
│ ├── user-repository.js # DB operations
│ └── models/ # ORM/schemas
│
├── config/ # Configuration
│ ├── roles.js # Role definitions
│ └── security.js # Encryption settings
│
├── lib/ # Shared utilities
│ ├── encryption.js # Crypto functions
│ └── logger.js # Instrumentation
│
└── index.js # Public API
1. Dependency Injection
// Example: Testable authenticator with mock dependencies
class Authenticator {
constructor({ tokenService, userRepository, logger }) {
// Injected dependencies
}
}Ports & Adapters Pattern
Database and external services implemented as swappable adapters
Easy mocking for unit tests
Test Pyramid Structure
bash
tests/
├── unit/ # Isolated business logic
├── integration/ # Adapter integrations
└── contract/ # API contract tests
Reusable Public API
javascript
// index.js - Facade pattern
module.exports = (config) => {
const encryption = require('./lib/encryption')(config);
const userRepo = require('./adapters/database/user-repository')({ encryption });
return {
auth: {
login: require('./core/auth/authenticator')({ userRepo }),
strategies: require('./core/auth/strategies')
},
authz: {
checkAccess: require('./core/authz/policy-manager')
},
tokens: require('./core/token/token-provider')
};
};
Usage Example:
javascript
const iam = require('identity-access')(config);
// In your API route
app.post('/login', async (req, res) => {
const token = await iam.auth.login(req.body);
res.json({ token });
});
Test Scaffolding Example
javascript
// auth.spec.js
describe('Authentication', () => {
let authenticator;
const mockUserRepo = {
findByEmail: jest.fn().mockResolvedValue({
passwordHash: 'valid_hash'
})
};
beforeEach(() => {
authenticator = new Authenticator({
userRepository: mockUserRepo,
logger: fakeLogger
});
});
it('rejects invalid credentials', async () => {
await expect(
authenticator.login('[email protected]', 'wrong_pass')
).rejects.toThrow('Invalid credentials');
});
});
Design Benefits
Testability
* Pure business logic without IO concerns
* Easy mocking via dependency injection
Reusability
* Works with any web framework (Express, Fastify, NestJS)
* Database-agnostic repository pattern
Security
* Encryption as a standalone service
* Token validation decoupled from issuance
Deployment Flexibility
Can be:
* NPM package for monolithic apps
* Docker container for microservices
* Lambda function for serverless