ephemeral

Reputation: 439

Django Microservices authentication

I was reading about microservices in Django, and came to know that in microservices we keep small services separate and they can operate individually. If I am not wrong about this concept, how will I validate using a JWT token from a user from one database to use that in a 2nd microservice?

Upvotes: 4

Views: 1804

Answers (1)

tokuch

Reputation: 106

In the typical JWT concept you have an auth server (AC) and multiple resource servers (your domain µservices), and the flow looks like:

  • the client (aka clientA, a frontend for example) sends a request to AC for a JWT token (for example a POST to /authenticate with username and password)
  • when clientA has been authenticated, AC returns a JWT token
  • clientA sends a request to some resource on your µservice (aka µserviceA) with the JWT token in a header ("Authorization: Bearer ...")
  • µserviceA sends a request to AC to confirm that the token is valid; if so, µserviceA can accept the request from your client and handle it

Your clientA may also be another µservice. Your µserviceA knows the user's roles from the JWT token (after decoding) and can simply block the request when the roles are not appropriate.

Upvotes: 8
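The flow in the answer above, as an added example that is not part of the original answer: the AC issues a token, and µserviceA asks the AC to confirm it before checking roles. The names `AuthServer`, `handle_request`, the HS256 signing and the in-process call standing in for the HTTP request to the AC are all assumptions made for this sketch.

```python
import base64, hashlib, hmac, json, time

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

class AuthServer:
    """Stands in for the AC: only it holds the signing key and the user store."""
    def __init__(self, key: bytes, users: dict):
        self._key, self._users = key, users

    def _sign(self, signing_input: str) -> str:
        return b64e(hmac.new(self._key, signing_input.encode(), hashlib.sha256).digest())

    def authenticate(self, username, password, ttl=300):
        user = self._users.get(username)  # demo only: a real AC stores password hashes
        if not user or not hmac.compare_digest(user["password"].encode(), password.encode()):
            return None
        header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
        claims = {"sub": username, "roles": user["roles"], "exp": int(time.time()) + ttl}
        body = b64e(json.dumps(claims).encode())
        return f"{header}.{body}.{self._sign(header + '.' + body)}"

    def introspect(self, token):
        """Return the claims if signature and expiry check out, else None."""
        try:
            header, body, sig = token.split(".")
            if json.loads(b64d(header)).get("alg") != "HS256":
                return None  # never let the token choose the algorithm
            if not hmac.compare_digest(sig.encode(), self._sign(header + "." + body).encode()):
                return None
            claims = json.loads(b64d(body))
        except (ValueError, AttributeError, TypeError):
            return None
        return claims if claims.get("exp", 0) > time.time() else None

def handle_request(ac, authorization_header, required_role):
    """µserviceA: HTTP-style status for a request to a role-protected resource."""
    scheme, _, token = (authorization_header or "").partition(" ")
    if scheme != "Bearer" or not token:
        return 401
    claims = ac.introspect(token)  # over the network this is a request to the AC
    if claims is None:
        return 401
    return 200 if required_role in claims.get("roles", []) else 403

# Constructed sample data: key, user and role names are made up for this example.
AC = AuthServer(b"constructed-demo-key", {"alice": {"password": "s3cret", "roles": ["orders:read"]}})
```

µserviceA takes the roles only from claims the AC has confirmed, so a token whose payload was edited to add a role is rejected with 401 rather than evaluated.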
