Reputation: 387
NestJS - JWT Authentication with microservices
I am currently playing with NestJS' microservices and authentication, and I am facing a problem for which I don't have a clear solution.
Let's imagine I have an API gateway balancing the calls to multiple microservices. I would like to enable authentication (via JWT tokens) and retreive the user information for every process I might call on any microservice.
The problem I am facing is that I don't know where to decode the token.
- Should the API gateway decode the token and proxy the HTTP request to the microservice by appending the user data to it ?
- Should the end microservice decode the token instead of the gateway ?
I feel confident implementing both of them, I just cannot figure out if they are good practicesor if there is a better solution I haven't thought of yet.
Upvotes: 4
Views: 5138
Answers (1)
Reputation: 2383
The best way to do this by use the flow in below.
- Request go from client to API gateway.
- API gateway will call auth microservice to decode the token.
- Auth microservice will verify this token and decode it. then call db to get user data then send user data to API gateway.
- Now API gateway have the user data. then will inject headers like
x-user-id,x-user-name,x-user-email. and call microservice-x.
Lets say microservice-x will create and record in table then call microservice-z to send email.
- Microservice-x will receive request to create record in table for user id
x-user-id. then call microservice-z to send email byx-user-email.
Upvotes: 7
Related Questions
- NestJS JWT Strategy requires a secret or key
- NestJS jwt-passport Authentication
- Node Microservices Authentication
- NestJs JWT Authentication returns 401
- How to use JwtService in nestjs middlware?
- How to use chain of jwt strategies in NestJS?
- NestJs authentication using jwt and private and public key
- NestJs - Unable to get user auth response on Bearer Token
- nestjs extends jwt guard
- Authentication failure while using nestjs authentication