Server challenges
27 Jun 2026Task Description
Develop an HTTP server to function as an authentication server. This server should support the following essential operations:
- User Authentication: generating a JWT for users as detailed under the
/authendpoint. - User Management: manage user accounts and permissions via the
User Managementendpoints.
Due to potential security threats, implement robust mechanisms at the /auth endpoint to mitigate unauthorized access by:
- Blocking IP subnets;
- Restricting specific users.
For user IP address identification, utilize the X-Forwarded-For HTTP header.
The full API contract is described in the OpenAPI specification.
Input Files
Before testing, preload the following user data and resources (mounted read-only at /storage/data):
/storage/data/users.jsonl: newline-delimited JSON user records (login,password,name,phone,country, optionalis_admin)./storage/data/GeoLite2-City-CSV/*: the MaxMind GeoLite2 database in CSV format.
The server must complete all startup work (loading data, building in-memory structures) within 5 seconds before it starts handling requests.
Scoring
Your server is benchmarked against a fixed workload. The score is the total time to process all requests plus a 1-second penalty per incorrect response - lower is better.
Submission
Package your server as a Docker image and push it to the registry (see the “How to submit” panel). Pushing a new image automatically queues a benchmark run.