replace users with user (#113)

2026-01-16 04:54:42 +00:00 · 2021-05-19 14:08:50 +01:00
parent bd8e354e1c
commit d4e19d5b61
10 changed files with 491 additions and 427 deletions
--- a/user/Dockerfile
+++ b/user/Dockerfile
@@ -0,0 +1,3 @@
+FROM alpine:3.2
+ADD users /users
+ENTRYPOINT [ "/users" ]
--- a/user/Makefile
+++ b/user/Makefile
@@ -0,0 +1,27 @@
+
+GOPATH:=$(shell go env GOPATH)
+.PHONY: init
+init:
+	go get -u github.com/golang/protobuf/proto
+	go get -u github.com/golang/protobuf/protoc-gen-go
+	go get github.com/micro/micro/v3/cmd/protoc-gen-micro
+	go get github.com/micro/micro/v3/cmd/protoc-gen-openapi
+.PHONY: proto
+proto:
+	protoc --proto_path=. --micro_out=. --go_out=:. proto/user.proto
+
+.PHONY: api
+api:
+	protoc --openapi_out=. --proto_path=. proto/user.proto
+
+.PHONY: build
+build:
+	go build -o user *.go
+
+.PHONY: test
+test:
+	go test -v ./... -cover
+
+.PHONY: docker
+docker:
+	docker build . -t user:latest
--- a/user/README.md
+++ b/user/README.md
@@ -0,0 +1,6 @@
+User management and authentication
+
+# Users Service
+
+The users service provides user management and authentication
+
--- a/user/domain/domain.go
+++ b/user/domain/domain.go
@@ -0,0 +1,150 @@
+package domain
+
+import (
+	"errors"
+	"time"
+
+	"github.com/micro/micro/v3/service/model"
+	user "github.com/micro/services/user/proto"
+)
+
+type pw struct {
+	ID       string `json:"id"`
+	Password string `json:"password"`
+	Salt     string `json:"salt"`
+}
+
+type Domain struct {
+	user      model.Model
+	sessions  model.Model
+	passwords model.Model
+
+	nameIndex  model.Index
+	emailIndex model.Index
+	idIndex    model.Index
+}
+
+func New() *Domain {
+	nameIndex := model.ByEquality("username")
+	nameIndex.Unique = true
+	nameIndex.Order.Type = model.OrderTypeUnordered
+
+	emailIndex := model.ByEquality("email")
+	emailIndex.Unique = true
+	emailIndex.Order.Type = model.OrderTypeUnordered
+
+	// @todo there should be a better way to get the default index from model
+	// than recreating the options here
+	idIndex := model.ByEquality("id")
+	idIndex.Order.Type = model.OrderTypeUnordered
+
+	return &Domain{
+		user: model.New(user.Account{}, &model.Options{
+			Indexes: []model.Index{nameIndex, emailIndex},
+		}),
+		sessions:   model.New(user.Session{}, nil),
+		passwords:  model.New(pw{}, nil),
+		nameIndex:  nameIndex,
+		emailIndex: emailIndex,
+		idIndex:    idIndex,
+	}
+}
+
+func (domain *Domain) CreateSession(sess *user.Session) error {
+	if sess.Created == 0 {
+		sess.Created = time.Now().Unix()
+	}
+
+	if sess.Expires == 0 {
+		sess.Expires = time.Now().Add(time.Hour * 24 * 7).Unix()
+	}
+
+	return domain.sessions.Create(sess)
+}
+
+func (domain *Domain) DeleteSession(id string) error {
+	return domain.sessions.Delete(domain.idIndex.ToQuery(id))
+}
+
+func (domain *Domain) ReadSession(id string) (*user.Session, error) {
+	sess := &user.Session{}
+	// @todo there should be a Read in the model to get rid of this pattern
+	return sess, domain.sessions.Read(domain.idIndex.ToQuery(id), &sess)
+}
+
+func (domain *Domain) Create(user *user.Account, salt string, password string) error {
+	user.Created = time.Now().Unix()
+	user.Updated = time.Now().Unix()
+	err := domain.user.Create(user)
+	if err != nil {
+		return err
+	}
+	return domain.passwords.Create(pw{
+		ID:       user.Id,
+		Password: password,
+		Salt:     salt,
+	})
+}
+
+func (domain *Domain) Delete(id string) error {
+	return domain.user.Delete(domain.idIndex.ToQuery(id))
+}
+
+func (domain *Domain) Update(user *user.Account) error {
+	user.Updated = time.Now().Unix()
+	return domain.user.Create(user)
+}
+
+func (domain *Domain) Read(id string) (*user.Account, error) {
+	user := &user.Account{}
+	return user, domain.user.Read(domain.idIndex.ToQuery(id), user)
+}
+
+func (domain *Domain) Search(username, email string, limit, offset int64) ([]*user.Account, error) {
+	var query model.Query
+	if len(username) > 0 {
+		query = domain.nameIndex.ToQuery(username)
+	} else if len(email) > 0 {
+		query = domain.emailIndex.ToQuery(email)
+	} else {
+		return nil, errors.New("username and email cannot be blank")
+	}
+
+	user := []*user.Account{}
+	return user, domain.user.Read(query, &user)
+}
+
+func (domain *Domain) UpdatePassword(id string, salt string, password string) error {
+	return domain.passwords.Create(pw{
+		ID:       id,
+		Password: password,
+		Salt:     salt,
+	})
+}
+
+func (domain *Domain) SaltAndPassword(username, email string) (string, string, error) {
+	var query model.Query
+	if len(username) > 0 {
+		query = domain.nameIndex.ToQuery(username)
+	} else if len(email) > 0 {
+		query = domain.emailIndex.ToQuery(email)
+	} else {
+		return "", "", errors.New("username and email cannot be blank")
+	}
+
+	user := &user.Account{}
+	err := domain.user.Read(query, &user)
+	if err != nil {
+		return "", "", err
+	}
+
+	query = model.QueryEquals("id", user.Id)
+	query.Order.Type = model.OrderTypeUnordered
+
+	password := &pw{}
+	err = domain.passwords.Read(query, password)
+	if err != nil {
+		return "", "", err
+	}
+	return password.Salt, password.Password, nil
+}
--- a/user/generate.go
+++ b/user/generate.go
@@ -0,0 +1,3 @@
+package main
+
+//go:generate make proto
--- a/user/handler/handler.go
+++ b/user/handler/handler.go
@@ -0,0 +1,174 @@
+package handler
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+	"strings"
+	"time"
+
+	"github.com/micro/micro/v3/service/errors"
+	"github.com/micro/services/user/domain"
+	pb "github.com/micro/services/user/proto"
+	"golang.org/x/crypto/bcrypt"
+	"golang.org/x/net/context"
+)
+
+const (
+	x = "cruft123"
+)
+
+var (
+	alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+)
+
+func random(i int) string {
+	bytes := make([]byte, i)
+	for {
+		rand.Read(bytes)
+		for i, b := range bytes {
+			bytes[i] = alphanum[b%byte(len(alphanum))]
+		}
+		return string(bytes)
+	}
+	return "ughwhy?!!!"
+}
+
+type User struct {
+	domain *domain.Domain
+}
+
+func NewUser() *User {
+	return &User{
+		domain: domain.New(),
+	}
+}
+
+func (s *User) Create(ctx context.Context, req *pb.CreateRequest, rsp *pb.CreateResponse) error {
+	if len(req.Password) < 8 {
+		return errors.InternalServerError("user.Create.Check", "Password is less than 8 characters")
+	}
+	salt := random(16)
+	h, err := bcrypt.GenerateFromPassword([]byte(x+salt+req.Password), 10)
+	if err != nil {
+		return errors.InternalServerError("user.Create", err.Error())
+	}
+	pp := base64.StdEncoding.EncodeToString(h)
+
+	return s.domain.Create(&pb.Account{
+		Id:       req.Id,
+		Username: strings.ToLower(req.Username),
+		Email:    strings.ToLower(req.Email),
+	}, salt, pp)
+}
+
+func (s *User) Read(ctx context.Context, req *pb.ReadRequest, rsp *pb.ReadResponse) error {
+	account, err := s.domain.Read(req.Id)
+	if err != nil {
+		return err
+	}
+	rsp.Account = account
+	return nil
+}
+
+func (s *User) Update(ctx context.Context, req *pb.UpdateRequest, rsp *pb.UpdateResponse) error {
+	return s.domain.Update(&pb.Account{
+		Id:       req.Id,
+		Username: strings.ToLower(req.Username),
+		Email:    strings.ToLower(req.Email),
+	})
+}
+
+func (s *User) Delete(ctx context.Context, req *pb.DeleteRequest, rsp *pb.DeleteResponse) error {
+	return s.domain.Delete(req.Id)
+}
+
+func (s *User) Search(ctx context.Context, req *pb.SearchRequest, rsp *pb.SearchResponse) error {
+	accounts, err := s.domain.Search(req.Username, req.Email, req.Limit, req.Offset)
+	if err != nil {
+		return err
+	}
+	rsp.Accounts = accounts
+	return nil
+}
+
+func (s *User) UpdatePassword(ctx context.Context, req *pb.UpdatePasswordRequest, rsp *pb.UpdatePasswordResponse) error {
+	usr, err := s.domain.Read(req.UserId)
+	if err != nil {
+		return errors.InternalServerError("user.updatepassword", err.Error())
+	}
+	if req.NewPassword != req.ConfirmPassword {
+		return errors.InternalServerError("user.updatepassword", "Passwords don't math")
+	}
+
+	salt, hashed, err := s.domain.SaltAndPassword(usr.Username, usr.Email)
+	if err != nil {
+		return errors.InternalServerError("user.updatepassword", err.Error())
+	}
+
+	hh, err := base64.StdEncoding.DecodeString(hashed)
+	if err != nil {
+		return errors.InternalServerError("user.updatepassword", err.Error())
+	}
+
+	if err := bcrypt.CompareHashAndPassword(hh, []byte(x+salt+req.OldPassword)); err != nil {
+		return errors.Unauthorized("user.updatepassword", err.Error())
+	}
+
+	salt = random(16)
+	h, err := bcrypt.GenerateFromPassword([]byte(x+salt+req.NewPassword), 10)
+	if err != nil {
+		return errors.InternalServerError("user.updatepassword", err.Error())
+	}
+	pp := base64.StdEncoding.EncodeToString(h)
+
+	if err := s.domain.UpdatePassword(req.UserId, salt, pp); err != nil {
+		return errors.InternalServerError("user.updatepassword", err.Error())
+	}
+	return nil
+}
+
+func (s *User) Login(ctx context.Context, req *pb.LoginRequest, rsp *pb.LoginResponse) error {
+	username := strings.ToLower(req.Username)
+	email := strings.ToLower(req.Email)
+
+	salt, hashed, err := s.domain.SaltAndPassword(username, email)
+	if err != nil {
+		return err
+	}
+
+	hh, err := base64.StdEncoding.DecodeString(hashed)
+	if err != nil {
+		return errors.InternalServerError("user.Login", err.Error())
+	}
+
+	if err := bcrypt.CompareHashAndPassword(hh, []byte(x+salt+req.Password)); err != nil {
+		return errors.Unauthorized("user.login", err.Error())
+	}
+	// save session
+	sess := &pb.Session{
+		Id:       random(128),
+		Username: username,
+		Email:    email,
+		Created:  time.Now().Unix(),
+		Expires:  time.Now().Add(time.Hour * 24 * 7).Unix(),
+	}
+
+	if err := s.domain.CreateSession(sess); err != nil {
+		return errors.InternalServerError("user.Login", err.Error())
+	}
+	rsp.Session = sess
+	return nil
+}
+
+func (s *User) Logout(ctx context.Context, req *pb.LogoutRequest, rsp *pb.LogoutResponse) error {
+	return s.domain.DeleteSession(req.SessionId)
+}
+
+func (s *User) ReadSession(ctx context.Context, req *pb.ReadSessionRequest, rsp *pb.ReadSessionResponse) error {
+	sess, err := s.domain.ReadSession(req.SessionId)
+	if err != nil {
+		return err
+	}
+	rsp.Session = sess
+	return nil
+}
--- a/user/main.go
+++ b/user/main.go
@@ -0,0 +1,22 @@
+package main
+
+import (
+	"github.com/micro/micro/v3/service"
+	"github.com/micro/micro/v3/service/logger"
+	"github.com/micro/services/user/handler"
+	proto "github.com/micro/services/user/proto"
+)
+
+func main() {
+	service := service.New(
+		service.Name("user"),
+	)
+
+	service.Init()
+
+	proto.RegisterUserHandler(service.Server(), handler.NewUser())
+
+	if err := service.Run(); err != nil {
+		logger.Fatal(err)
+	}
+}
--- a/user/proto/user.pb.go
+++ b/user/proto/user.pb.go
--- a/user/proto/user.pb.micro.go
+++ b/user/proto/user.pb.micro.go
@@ -0,0 +1,229 @@
+// Code generated by protoc-gen-micro. DO NOT EDIT.
+// source: proto/user.proto
+
+package user
+
+import (
+	fmt "fmt"
+	proto "github.com/golang/protobuf/proto"
+	math "math"
+)
+
+import (
+	context "context"
+	api "github.com/micro/micro/v3/service/api"
+	client "github.com/micro/micro/v3/service/client"
+	server "github.com/micro/micro/v3/service/server"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ api.Endpoint
+var _ context.Context
+var _ client.Option
+var _ server.Option
+
+// Api Endpoints for User service
+
+func NewUserEndpoints() []*api.Endpoint {
+	return []*api.Endpoint{}
+}
+
+// Client API for User service
+
+type UserService interface {
+	Create(ctx context.Context, in *CreateRequest, opts ...client.CallOption) (*CreateResponse, error)
+	Read(ctx context.Context, in *ReadRequest, opts ...client.CallOption) (*ReadResponse, error)
+	Update(ctx context.Context, in *UpdateRequest, opts ...client.CallOption) (*UpdateResponse, error)
+	Delete(ctx context.Context, in *DeleteRequest, opts ...client.CallOption) (*DeleteResponse, error)
+	Search(ctx context.Context, in *SearchRequest, opts ...client.CallOption) (*SearchResponse, error)
+	UpdatePassword(ctx context.Context, in *UpdatePasswordRequest, opts ...client.CallOption) (*UpdatePasswordResponse, error)
+	Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error)
+	Logout(ctx context.Context, in *LogoutRequest, opts ...client.CallOption) (*LogoutResponse, error)
+	ReadSession(ctx context.Context, in *ReadSessionRequest, opts ...client.CallOption) (*ReadSessionResponse, error)
+}
+
+type userService struct {
+	c    client.Client
+	name string
+}
+
+func NewUserService(name string, c client.Client) UserService {
+	return &userService{
+		c:    c,
+		name: name,
+	}
+}
+
+func (c *userService) Create(ctx context.Context, in *CreateRequest, opts ...client.CallOption) (*CreateResponse, error) {
+	req := c.c.NewRequest(c.name, "User.Create", in)
+	out := new(CreateResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *userService) Read(ctx context.Context, in *ReadRequest, opts ...client.CallOption) (*ReadResponse, error) {
+	req := c.c.NewRequest(c.name, "User.Read", in)
+	out := new(ReadResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *userService) Update(ctx context.Context, in *UpdateRequest, opts ...client.CallOption) (*UpdateResponse, error) {
+	req := c.c.NewRequest(c.name, "User.Update", in)
+	out := new(UpdateResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *userService) Delete(ctx context.Context, in *DeleteRequest, opts ...client.CallOption) (*DeleteResponse, error) {
+	req := c.c.NewRequest(c.name, "User.Delete", in)
+	out := new(DeleteResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *userService) Search(ctx context.Context, in *SearchRequest, opts ...client.CallOption) (*SearchResponse, error) {
+	req := c.c.NewRequest(c.name, "User.Search", in)
+	out := new(SearchResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *userService) UpdatePassword(ctx context.Context, in *UpdatePasswordRequest, opts ...client.CallOption) (*UpdatePasswordResponse, error) {
+	req := c.c.NewRequest(c.name, "User.UpdatePassword", in)
+	out := new(UpdatePasswordResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *userService) Login(ctx context.Context, in *LoginRequest, opts ...client.CallOption) (*LoginResponse, error) {
+	req := c.c.NewRequest(c.name, "User.Login", in)
+	out := new(LoginResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *userService) Logout(ctx context.Context, in *LogoutRequest, opts ...client.CallOption) (*LogoutResponse, error) {
+	req := c.c.NewRequest(c.name, "User.Logout", in)
+	out := new(LogoutResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *userService) ReadSession(ctx context.Context, in *ReadSessionRequest, opts ...client.CallOption) (*ReadSessionResponse, error) {
+	req := c.c.NewRequest(c.name, "User.ReadSession", in)
+	out := new(ReadSessionResponse)
+	err := c.c.Call(ctx, req, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// Server API for User service
+
+type UserHandler interface {
+	Create(context.Context, *CreateRequest, *CreateResponse) error
+	Read(context.Context, *ReadRequest, *ReadResponse) error
+	Update(context.Context, *UpdateRequest, *UpdateResponse) error
+	Delete(context.Context, *DeleteRequest, *DeleteResponse) error
+	Search(context.Context, *SearchRequest, *SearchResponse) error
+	UpdatePassword(context.Context, *UpdatePasswordRequest, *UpdatePasswordResponse) error
+	Login(context.Context, *LoginRequest, *LoginResponse) error
+	Logout(context.Context, *LogoutRequest, *LogoutResponse) error
+	ReadSession(context.Context, *ReadSessionRequest, *ReadSessionResponse) error
+}
+
+func RegisterUserHandler(s server.Server, hdlr UserHandler, opts ...server.HandlerOption) error {
+	type user interface {
+		Create(ctx context.Context, in *CreateRequest, out *CreateResponse) error
+		Read(ctx context.Context, in *ReadRequest, out *ReadResponse) error
+		Update(ctx context.Context, in *UpdateRequest, out *UpdateResponse) error
+		Delete(ctx context.Context, in *DeleteRequest, out *DeleteResponse) error
+		Search(ctx context.Context, in *SearchRequest, out *SearchResponse) error
+		UpdatePassword(ctx context.Context, in *UpdatePasswordRequest, out *UpdatePasswordResponse) error
+		Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error
+		Logout(ctx context.Context, in *LogoutRequest, out *LogoutResponse) error
+		ReadSession(ctx context.Context, in *ReadSessionRequest, out *ReadSessionResponse) error
+	}
+	type User struct {
+		user
+	}
+	h := &userHandler{hdlr}
+	return s.Handle(s.NewHandler(&User{h}, opts...))
+}
+
+type userHandler struct {
+	UserHandler
+}
+
+func (h *userHandler) Create(ctx context.Context, in *CreateRequest, out *CreateResponse) error {
+	return h.UserHandler.Create(ctx, in, out)
+}
+
+func (h *userHandler) Read(ctx context.Context, in *ReadRequest, out *ReadResponse) error {
+	return h.UserHandler.Read(ctx, in, out)
+}
+
+func (h *userHandler) Update(ctx context.Context, in *UpdateRequest, out *UpdateResponse) error {
+	return h.UserHandler.Update(ctx, in, out)
+}
+
+func (h *userHandler) Delete(ctx context.Context, in *DeleteRequest, out *DeleteResponse) error {
+	return h.UserHandler.Delete(ctx, in, out)
+}
+
+func (h *userHandler) Search(ctx context.Context, in *SearchRequest, out *SearchResponse) error {
+	return h.UserHandler.Search(ctx, in, out)
+}
+
+func (h *userHandler) UpdatePassword(ctx context.Context, in *UpdatePasswordRequest, out *UpdatePasswordResponse) error {
+	return h.UserHandler.UpdatePassword(ctx, in, out)
+}
+
+func (h *userHandler) Login(ctx context.Context, in *LoginRequest, out *LoginResponse) error {
+	return h.UserHandler.Login(ctx, in, out)
+}
+
+func (h *userHandler) Logout(ctx context.Context, in *LogoutRequest, out *LogoutResponse) error {
+	return h.UserHandler.Logout(ctx, in, out)
+}
+
+func (h *userHandler) ReadSession(ctx context.Context, in *ReadSessionRequest, out *ReadSessionResponse) error {
+	return h.UserHandler.ReadSession(ctx, in, out)
+}
--- a/user/proto/user.proto
+++ b/user/proto/user.proto
@@ -0,0 +1,147 @@
+syntax = "proto3";
+
+package user;
+
+option go_package = "./proto;user";
+
+service User {
+	rpc Create(CreateRequest) returns (CreateResponse) {}
+	rpc Read(ReadRequest) returns (ReadResponse) {}
+	rpc Update(UpdateRequest) returns (UpdateResponse) {}
+	rpc Delete(DeleteRequest) returns (DeleteResponse) {}
+	rpc Search(SearchRequest) returns (SearchResponse) {}
+	rpc UpdatePassword(UpdatePasswordRequest) returns (UpdatePasswordResponse) {}
+	rpc Login(LoginRequest) returns (LoginResponse) {}
+	rpc Logout(LogoutRequest) returns (LogoutResponse) {}
+	rpc ReadSession(ReadSessionRequest) returns(ReadSessionResponse) {}
+}
+
+message Account {
+	// unique account id
+	string id = 1;
+	// alphanumeric username
+	string username = 2;
+	// an email address
+	string email = 3;
+	// unix timestamp
+	int64 created = 4;
+	// unix timestamp
+	int64 updated = 5;
+}
+
+message Session {
+	// the session id
+	string id = 1;
+	// account username
+	string username = 2;
+	// account email
+	string email = 3;
+	// unix timestamp
+	int64 created = 4;
+	// unix timestamp
+	int64 expires = 5;
+}
+
+// Create a new user account
+message CreateRequest {
+	// the acccount id
+	string id = 1;
+	// the username
+	string username = 2;
+	// the email address
+	string email = 3;
+	// the user password
+	string password = 4;
+}
+
+message CreateResponse {
+}
+
+// Delete an account by id
+message DeleteRequest {
+	// the account id
+	string id = 1;
+}
+
+message DeleteResponse {
+}
+
+// Read an account by id
+message ReadRequest {
+	// the account id
+	string id = 1;
+}
+
+message ReadResponse {
+	Account account = 1;
+}
+
+// Update the account username or email
+message UpdateRequest {
+	// the account id
+	string id = 1;
+	// the new username
+	string username = 2;
+	// the new email address
+	string email = 3;
+}
+
+message UpdateResponse {
+}
+
+// Update the account password
+message UpdatePasswordRequest {
+	// the account id
+	string userId = 1;
+	// the old password
+	string oldPassword = 2;
+	// the new password
+	string newPassword = 3;
+	// confirm new password
+	string confirm_password = 4;
+}
+
+message UpdatePasswordResponse {
+}
+
+// Search for an account
+message SearchRequest {
+	string username = 1; 
+	string email = 2; 
+	int64 limit = 3;
+	int64 offset = 4;
+}
+
+message SearchResponse {
+	repeated Account accounts = 1;
+}
+
+// Read a session by id
+message ReadSessionRequest {
+    string sessionId = 1;
+}
+
+message ReadSessionResponse {
+    Session session = 1;
+}
+
+
+// Login a user account
+message LoginRequest {
+    string username = 1;
+    string email = 2;
+    string password = 3;
+}
+
+message LoginResponse {
+    Session session = 1;
+}
+
+// Logout a user account
+message LogoutRequest {
+    string sessionId = 1;
+}
+
+message LogoutResponse {
+}
+