The OPP Backend serves as the core API component of the Open Park Project, providing endpoints for ticket management, car registration, and user management.
# Build and run with Docker Compose (auth service bypassed)
docker-compose build
docker-compose upWhen running in development mode:
- API is available at http://localhost:8080
- Auth service is bypassed
- Set
DEBUG_MODE=trueenvironment variable to bypass authentication (already set indocker-compose.yml)
# Run the published container image
docker run -p 8080:8080 ghcr.io/openparkproject/opp-backend:latestThe authentication system follows a modern, secure pattern:
Client → Nginx → Auth Service → JWT Token → Backend API
-
Authentication Service: A separate service handles user authentication
- Processes login/registration requests via
/sessionendpoints - Issues JWT tokens signed with a private key
- Exposes a public key for token verification
- Processes login/registration requests via
-
Backend Authentication:
- Validates JWT tokens passed as Bearer tokens in the Authorization header
- Retrieves the public key from the auth service for verification
- Enforces proper authorization based on JWT claims (permissions/roles)