Skip to content

lumoslabs/platform-interview

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

src

src

 
 

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

.tool-versions

.tool-versions

 
 

README.md

README.md

 
 

gen-token.js

gen-token.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

self_signed.cert

self_signed.cert

 
 

self_signed.key

self_signed.key

 
 

Repository files navigation

Purpose

This project exists as a basis on which programming interviews might proceed. For example, we might ask a candidate to add support to update users. Perhaps we'd ask a candidate to add support for Typescript and update one module.

Setup

# Setup dependencies
npm install

# To generate a JWT token
npm run gen-token

# To run the server
npm run start

Generic Service

This project includes a generic HTTP service of the sort folks working on the Platform team might encounter. It provides a read-only API that allows one to request information on users, games, and game plays by user.

Authentication

The /user-related resources provided by this API expect a valid JWT to be sent via the HTTP Authorization header. Without a valid JWT, those requests will result in HTTP 403 responses.

As needed, the gen-token.js script at the root of this project can be used to generate a valid JWT, like so (actual JWT truncated for brevity):

❯ npm run gen-token
eyJhbGciOiJSUzI1NiIsIn...
{
  aud: 'https://fake-api.lumosity.com',
  iss: 'https://accounts.lumosity.com',
  sub: 'lumos|1234',
  iat: 1649441167,
  exp: 1649527567
}

NOTE: The JWT payload is printed following the Base64-encoded JWT as a convenience, for the curious.

Using the JWT

To use the JWT in requests to this service, one would set it as the value of an HTTP Authorization header, as a Bearer token, like so (JWT truncated for brevity):

❯ curl -s \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsIn..." \
  localhost:8080/user

Addenda

JWT Signatures

To sign and verify JWTs generated by and for this project, we use a self-signed certificate that can be found (along with its private key) at the root of this project.

The steps used to generate that keypair were as follows:

# Generate a private key.
❯ openssl genrsa -out self_signed.key 4096
...

# Generate the public certificate using that key.
❯ openssl req -new -x509 -key self_signed.key -out self_signed.cert -days 365 \
  -subj "/C=US/ST=CA/L=San Francisco/O=Lumos Labs/OU=Platform/CN=interview-cert"

❯ openssl x509 -in self_signed.cert -noout -subject -issuer -dates
subject= /C=US/ST=CA/L=San Francisco/O=Lumos Labs/OU=Platform/CN=interview-cert
issuer= /C=US/ST=CA/L=San Francisco/O=Lumos Labs/OU=Platform/CN=interview-cert
notBefore=Apr  8 17:30:32 2022 GMT
notAfter=Apr  8 17:30:32 2023 GMT

About

An example HTTP service used for consistent coding interviews.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages