Blog by Devops Team

This guide covers deploying our open source authentication platform in your infrastructure.

System Requirements

  • Docker 20.10+
  • PostgreSQL 14+
  • Redis 6+
  • 2 CPU cores, 4GB RAM minimum

Docker Deployment

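version: '3.8'
services:
  auth-server:
    image: authcompany/server:latest
    environment:
      # Placeholder credentials: replace user:pass before deploying
      - DATABASE_URL=postgres://user:pass@db:5432/auth
      - REDIS_URL=redis://redis:6379
    ports:
      - "8080:8080"
    # The db and redis services referenced here must be defined in this same file
    depends_on:
      - db
      - redis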

Configuration

Create config.yaml:

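server:
  port: 8080
  host: 0.0.0.0 # listens on all interfaces
database:
  pool_size: 20
security:
  # Placeholder: replace with a long, randomly generated secret and keep it out of version control
  jwt_secret: "your-secret-key"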

Backup & Recovery

Regular backups are essential. Use our backup script:

./scripts/backup.sh --full

For detailed configuration options, see our configuration reference.

Rate Limiting Configuration

Protect your authentication endpoints with configurable rate limiting rules.

Basic Configuration

rateLimits:
  login:
    windowMs: 900000 # 15 minutes
    max: 5 # limit each IP to 5 requests per windowMs
  register:
    windowMs: 3600000 # 1 hour
    max: 3
  passwordReset:
    windowMs: 3600000
    max: 3

Custom Rules

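// rateLimit is the factory function of the rate-limiting middleware the application already uses
const customLimiter = rateLimit({
  // Bucket requests by API key when one is sent, otherwise by client IP.
  // x-api-key is client-supplied, so validate it before this middleware runs.
  keyGenerator: (req) => {
    return req.headers['x-api-key'] || req.ip;
  },
  // Response returned once a client exceeds its limit
  handler: (req, res) => {
    res.status(429).json({
      error: 'Too many requests',
      retryAfter: 60
    });
  }
});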
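
The keying and window logic behind the custom rule above, as an added example that is not taken from the platform's code or from the rate-limiting library it uses. `KNOWN_API_KEYS`, `limiterKey` and `createLimiter` are hypothetical names, and the limiter is an in-memory fixed window so that it runs without dependencies. It keys on `x-api-key` only when the key is recognised and derives `retryAfter` from the time left in the window.

```javascript
// Limits from the "Basic Configuration" section above.
const RATE_LIMITS = {
  login: { windowMs: 900000, max: 5 },
  register: { windowMs: 3600000, max: 3 },
  passwordReset: { windowMs: 3600000, max: 3 },
};

// Constructed sample key; a real deployment would consult its own key store.
const KNOWN_API_KEYS = new Set(['example-key-123']);

// Use the API key as the bucket only when it is a key we issued. The header is
// client-supplied, so an unrecognised value falls back to the client IP.
function limiterKey(req) {
  const apiKey = req.headers['x-api-key'];
  return KNOWN_API_KEYS.has(apiKey) ? `key:${apiKey}` : `ip:${req.ip}`;
}

// Fixed-window counter: one { count, resetAt } record per (rule, key).
// Expired records are overwritten on reuse but never evicted (assumption: demo only).
function createLimiter(rules, now = () => Date.now()) {
  const buckets = new Map();
  return function check(ruleName, req) {
    const rule = rules[ruleName];
    if (!rule) throw new Error(`unknown rate limit rule: ${ruleName}`);
    const id = `${ruleName}|${limiterKey(req)}`;
    const t = now();
    let bucket = buckets.get(id);
    if (!bucket || t >= bucket.resetAt) {
      bucket = { count: 0, resetAt: t + rule.windowMs };
      buckets.set(id, bucket);
    }
    bucket.count += 1;
    if (bucket.count <= rule.max) {
      return { allowed: true, status: 200, retryAfter: 0 };
    }
    // Report the seconds left in this window rather than a fixed value.
    const retryAfter = Math.ceil((bucket.resetAt - t) / 1000);
    return { allowed: false, status: 429, retryAfter };
  };
}
```
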

Redis-Based Rate Limiting

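// redisClient is an already-connected Redis client (see REDIS_URL in the deployment above).
// Keeping counters in Redis lets every auth-server instance share the same limits.
const redisStore = new RedisStore({
  client: redisClient,
  prefix: 'rl:' // key prefix for rate-limit counters
});

const limiter = rateLimit({
  store: redisStore,
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 100
});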

Bypass Rules

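// Placeholder entries: replace with the exact addresses that may skip rate limiting
const bypassList = ['trusted-ip-1', 'trusted-ip-2'];

// Middleware: allowlisted addresses skip the limiter, everything else goes through it.
// Behind a reverse proxy, req.ip is only reliable if proxy trust is configured correctly.
function rateLimitWithBypass(req, res, next) {
  if (bypassList.includes(req.ip)) {
    return next();
  }
  return limiter(req, res, next);
}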

For distributed rate limiting, see our scaling guide.