Added NGINX proxy for app/api and improved documentation

Author: flavienbwk

.env.example

@@ -0,0 +1,21 @@
+FLASK_API_VERSION="1.1"
+FLASK_SERVER_NAME="My API Project"
+FLASK_SERVER_DESCRIPTION="Dockerized Flask API boilerplate using an LDAP and token-based authentication"
+FLASK_SECRET_KEY="Some secret key"
+FLASK_LEVEL="dev" # dev, test or prod
+LOG_LEVEL="DEBUG" # DEBUG, INFO, WARNING or ERROR
+
+LDAP_ORGANISATION="My Company"
+LDAP_DOMAIN="mycompany.com"
+LDAP_HOST="ldap"
+LDAP_SCHEME="ldap" # "ldaps" if using secure LDAP, "ldap" else
+LDAP_PORT=389
+LDAP_USERS_DN="dc=mycompany,dc=com"
+LDAP_ADMIN_DN="cn=admin,dc=mycompany,dc=com"
+LDAP_ADMIN_PASSWORD="adminpwd"
+
+POSTGRES_HOST="database"
+POSTGRES_PORT=5432
+POSTGRES_USER="myproject"
+POSTGRES_PASSWORD="myprojectpwd"
+POSTGRES_DB="myproject"

.gitignore

@@ -1,8 +1,8 @@
 .vscode/
 
+.env
+
 web/app/node_modules/
-ldap/
 logs/
-migrations/
 
 api/database.mwb.bak

README.md

@@ -6,7 +6,7 @@
     </a>
     <a href="https://codebeat.co/projects/github-com-flavienbwk-reactjs-flask-ldap-boilerplate-master"><img alt="codebeat badge" src="https://codebeat.co/badges/940a0bd0-5aa5-4f96-b6fc-39b6e1b7e14b" /></a>
 </p>
-<p align="center">ReactJS + Flask + Docker<br/>boilerplate using a token-based LDAP authentication</p>
+<p align="center">ReactJS + Flask + Docker (+ K8S)<br/>boilerplate using a token-based LDAP authentication</p>
 
 > :smiley: Suggestions and feedbacks are [highly appreciated](https://github.com/flavienbwk/reactjs-flask-ldap-boilerplate/issues/new)
 
@@ -20,12 +20,13 @@
 - Flask-Migrate
 - Flask-SQLAlchemy (PostgreSQL was chosen)
 - [Logging and logs rotation](./api/app/utils/Logger.py#L12)
-- [Choose](./app/app/src/App.js#L64) between sidebar and navbar (or use both !)
+- [Choose](./app/app/src/App.js#L65) between sidebar and navbar (or use both !)
 - Responsive design
+- Production and development builds
 
 ## API documentation
 
-I chose to use Swagger to document the API. Just run the API following the steps below and browse to [`http://localhost:5000`](http://localhost:5000)
+I chose to use Swagger to document the API. Run the API following the steps below and go to [`http://localhost:5000`](http://localhost:5000).
 
 Here you can take a look at the database architecture scheme :
 
@@ -35,76 +36,76 @@ Here you can take a look at the database architecture scheme :
 
 > Reminder : there is no `password` field because we use LDAP for authentication.
 
-## Setting up the API
+## Getting started (development)
 
 The API is made to run with an LDAP server for managing users. Whether use the provided Docker LDAP server or remove the conf. in [`docker-compose.yml`](./docker-compose.yml) and use your own LDAP server.
 
 This section will explain to you how to run this project and set-up the LDAP server with one user.
 
-### Starting services
+### 1. Starting authentication services
 
-First, please change the database/LDAP passwords and keys in `docker-compose.yml`
+1. Copy the `.env.example` to `.env`
 
-Then, run :
+    ```bash
+    cp .env.example .env
+    ```
 
-```bash
-docker-compose up ldap phpldapadmin database adminer -d
-```
+    > This is a good practice so your `.env` can't be committed along with your modifications (is in `.gitignore`)
+
+2. Change the database/LDAP passwords and keys in `.env`
+
+    You can now run :
 
-> **adminer** (PostgreSQL management) will be available through `http://localhost:8082`  
-> **phpLDAPAdmin** (LDAP management) will be available through `https://localhost:8081`
+    ```bash
+    docker-compose up ldap phpldapadmin database adminer -d
+    ```
 
-### Creating the first user in the LDAP
+- **adminer** (PostgreSQL management) will be available at `http://localhost:8082`  
+- **phpLDAPAdmin** (LDAP management) will be available at `https://localhost:8081`
 
-Access phpLDAPAdmin with : `https://localhost:8081`
+### 2. Creating the first user in the LDAP
 
-If you are not familiar with LDAP, [read my LDAP user creation guide](./CREATE_LDAP_USER.md) to add your first user
+Access phpLDAPAdmin at `https://localhost:8081` and [follow the LDAP user creation guide](./CREATE_LDAP_USER.md) to add your first user
 
-### Run the API
+### 3. NGINX reverse-proxy
 
-The database will be automatically set-up thanks to Flask Migrate and any future modification brought to [models](./api/app/model) will be automatically applied to the database when the API is **restarted**.
+This boilerplate includes NGINX as a reverse proxy so we can have a unique endpoint for our app and API. Else, we would have to open two endpoints : one for the app, the other for the API.
 
 ```bash
-docker-compose up api
+docker-compose up --build -d nginx
 ```
 
-Access the API and its documentation browsing [`http://localhost:5000`](http://localhost:5000)
+NGINX will auto restart until you have started the app and API below.
 
-## Setting up the web application
+### 4. Run the API
 
-:clock9: This step may take quite a lot of time due to npm's initial modules download
+The database will be automatically set-up thanks to Flask Migrate and any future modification brought to [models](./api/app/model) will be automatically applied when the API is **restarted**.
 
-Just run :
+You might wait some time before the database get updated after starting the API :
 
 ```bash
-# Build is quick, **first** launch is long (expect at least 5 min.)
-docker-compose up app
+docker-compose up --build -d api
 ```
 
-You can now enjoy the app on [`http://localhost:8080`](http://localhost:8080)
-
-> :information_source: If you want to add a dependency, just stop & re-launch a `docker-compose up app`. You won't have to wait as for first launch.
-
-## Why using LDAP authentication ?
+> For development, go to [`http://localhost:5000`](http://localhost:5000) to access the API documentation
 
-LDAP services are used in a lot of companies and institutions around the world to manage their user accounts and rights in a central place.
+### 5. Run the web application
 
-With this boilerplate, you will be able to develop corporate-ready services AND avoid yourself the troubles of developing registration / password forgotten / change password / profile update code.
+:clock9: NPM's initial install may take quite a lot of time
 
-## Left TODOs
+Start the app :
 
-API :
+```bash
+# Expect several minutes for first launch (npm install)
+docker-compose up --build -d app
+```
 
-_Completed_
+You can now enjoy the app on [`http://localhost:8080`](http://localhost:8080)
 
-App :
+> :information_source: If you want to add a NPM package, just stop & re-launch `docker-compose up app`.
 
-_Completed_
+## Why using LDAP authentication ?
 
-Architecture :
+LDAP services are used in a lot of companies and institutions around the world to manage their user accounts and rights in a central place.
 
-- [P3] Add "Deploy to prod" guide in README
-- [P3] Create a `prod.docker-compose.yml` file that :
-  - Uses NGINX with SSL
-  - Builds & serves the front-end
-  - Disables Swagger UI
+With this boilerplate, you will be able to develop corporate-ready services AND avoid yourself the troubles of developing registration / password forgotten / change password / profile update code.

api/Dockerfile

@@ -1,7 +1,7 @@
 FROM python:3.7-alpine
 
 # python-ldap requirements
-RUN apk add openldap-dev libc-dev gcc
+RUN apk update && apk add openldap-dev libc-dev gcc g++
 
 # psycopg2 requirements
 RUN apk add libpq python3-dev musl-dev postgresql-dev

api/app/app.py

@@ -21,5 +21,6 @@ def create_app():
     app = Flask(__name__)
     app.register_error_handler(404, page_not_found)
     app.config.from_object(config_by_name[FLASK_LEVEL])
+    os.environ["FLASK_ENV"] = config_by_name[FLASK_LEVEL].FLASK_ENV
     database.initDatabase(app)
     return app

api/app/config.py

@@ -20,18 +20,21 @@ class Config:
 
 class DevelopmentConfig(Config):
     DEBUG = True
-    SQLALCHEMY_TRACK_MODIFICATIONS = False
+    SQLALCHEMY_TRACK_MODIFICATIONS = True
+    FLASK_ENV = "development"
 
 
 class TestingConfig(Config):
     DEBUG = True
     TESTING = True
     PRESERVE_CONTEXT_ON_EXCEPTION = False
     SQLALCHEMY_TRACK_MODIFICATIONS = False
+    FLASK_ENV = "development"
 
 
 class ProductionConfig(Config):
     DEBUG = False
+    FLASK_ENV = "production"
 
 
 config_by_name = dict(