Merge pull request #1 from Harshvardhan2164/frontend

Frontend

Author: Harshvardhan2164

.gitignore

@@ -1,2 +1,27 @@
 test
-.env
+.env
+
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?

README.md

@@ -1 +1,141 @@
-# Custom-API-Gateway
+# RouteX - Custom API Gateway with Rate Limiting & JWT Authentication
+
+**RouteX** is a **custom-built API Gateway** built from scratch using **Go (backend)** and **React + Vite + TypeScript (frontend)**. It provides:
+
+* **Dynamic Route Mapping** (to upstream services)
+* **JWT & API Key Authentication**
+* **Per-user Rate Limiting (token bucket)**
+* **Admin Panel** to manage API Keys, Routes, and Test APIs
+* **MongoDB Integration** for persistence
+* **Dockerized setup** for easy deployment
+
+## Features
+
+### Backend (Go API Gateway)
+
+1. **Dynamic Route Mapping** → Map `/service-a` → `http://upstream-service-a.local`
+
+2. **Authentication**
+
+   * Supports **JWT** (`Authorization: Bearer <token>`)
+   * Supports **API Key** (`X-API-Key` header)
+
+3. **Rate Limiting**
+
+   * Token bucket per API key/user
+   * Configurable request rate (`N requests/minute`)
+
+4. **MongoDB Integration**
+
+   * `api_keys` collection → stores key + rate limit
+   * `routes` collection → stores path + upstream target
+
+5. **Admin APIs**
+
+   * `/admin/api-keys` → Create/Delete API Keys
+   * `/admin/routes` → Create/Delete Routes
+   * `/admin/generate-token` → Generate JWT for an API Key
+
+### Frontend (React + Vite + TypeScript)
+
+1. **Admin Dashboard** with pages:
+
+   * **API Keys**: Create & manage API keys & rate limits
+   * **Routes**: Create & manage route mappings
+   * **JWT Generator**: Generate a JWT for any API Key
+   * **API Tester**: Test requests through the Gateway with JWT or API Key
+
+2. **Axios API Client**: Communicates with backend
+3. **CORS enabled** for dev (`localhost:5173` → `localhost:8080`)
+
+### Web Client
+
+![](https://github.com/Harshvardhan2164/Custom-API-Gateway/blob/main/assets/home.png)
+
+![](https://github.com/Harshvardhan2164/Custom-API-Gateway/blob/main/assets/api.png)
+
+![](https://github.com/Harshvardhan2164/Custom-API-Gateway/blob/main/assets/test.png)
+
+![](https://github.com/Harshvardhan2164/Custom-API-Gateway/blob/main/assets/jwt.png)
+
+### Authentication Flow
+
+1. **Admin** creates an API Key via admin panel
+2. **JWT Generator** can issue a short-lived JWT for that API Key
+3. Clients call Gateway using **either**:
+
+   * `Authorization: Bearer <jwt>`
+   * `X-API-Key: <raw-api-key>`
+
+Backend validates token → checks MongoDB → enforces rate limit → forwards to upstream service.
+
+### Rate Limiting
+
+Implemented using **Token Bucket Algorithm** per API Key:
+
+* Each API key has a **max tokens** (rate limit)
+* Tokens refill every **minute**
+* Requests consume 1 token → If no tokens left → **429 Too Many Requests**
+
+## Backend API Endpoints
+
+| Method | Path                    | Description                          |
+| ------ | ----------------------- | ------------------------------------ |
+| GET    | `/admin/api-keys`       | List API keys                        |
+| POST   | `/admin/api-keys`       | Create API key `{key, rate_limit}`   |
+| DELETE | `/admin/api-keys/:id`   | Delete API key                       |
+| GET    | `/admin/routes`         | List routes                          |
+| POST   | `/admin/routes`         | Create route `{path, target_url}`    |
+| DELETE | `/admin/routes/:id`     | Delete route                         |
+| POST   | `/admin/generate-token` | Generate JWT for an API Key          |
+| ANY    | `/your-service-path`    | Forwards request to upstream service |
+
+## Frontend Pages
+
+1. **API Keys Manager**: CRUD for API keys
+2. **Routes Manager**: CRUD for route mappings
+3. **JWT Generator**: Input an API key → Get a signed JWT
+4. **API Tester**: Input path, select auth method (JWT/API Key), test request
+
+## Installation and Setup
+
+1. Clone the repository:
+
+    ```bash
+    git clone https://github.com/Harshvardhan2164/Custom-API-Gateway.git
+    cd Custom-API-Gateway/
+    ```
+
+2. **Start MongoDB, Backend & Frontend**
+
+   ```bash
+   docker compose build
+   docker compose up -d
+   ```
+
+3. **Open Admin Panel** → `http://localhost:5173`
+
+4. **Create an API Key** with a rate limit
+
+5. **Create Routes** mapping `/service` → `http://httpbin.org/get` (or any upstream)
+
+6. **Generate JWT** for that API Key
+
+7. **Use API Tester** → send request with JWT or API Key
+
+8. If you exceed the rate limit → **429 Too Many Requests**
+
+## Future Enhancements
+
+* Redis-based distributed rate limiting
+* Multi-route custom rate limits
+* OAuth2 support
+* TLS termination with Nginx
+
+## Contributing
+
+Feel free to fork the repository, open issues, or submit pull requests.
+
+## License
+
+This project is licensed under the MIT License - see the LICENSE file for details.

assets/api.png

@@ -0,0 +1,20 @@
+FROM golang:1.21 AS builder
+
+WORKDIR /app
+
+COPY go.mod go.sum ./
+RUN go mod download
+
+COPY . .
+
+RUN go build -o gateway ./cmd/main.go
+
+FROM gcr.io/distroless/base-debian12
+
+WORKDIR /app
+
+COPY --from=builder /app/gateway .
+
+EXPOSE 8080
+
+CMD ["./gateway"]