Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Django admin + authentication system in microservice architecture

I have a large Django project which is basically a monolith containing apps. I need to break it to microservices.

I have 2 questions that I couldn't find a clear answers to:

  1. Currently we're using Django admin extensively and I wonder if it's possible to continue using it once the monolith is broken. It means reading and manipulating data from all the microservices in a "used to work on" UI. It would also be helpful for this process to be done more smoothly.

  2. Authentication and authorization - Would we still be able to use this built in "app" in a microservice architecture? Is it possible to take this pare only to another service and communicate with it over HTTP?

like image 675
mrgoos Avatar asked May 20 '18 14:05

mrgoos


People also ask

How do you implement authentication in microservice?

To perform authentication based on entity context, you must receive information about the end-user and propagate it to downstream microservices. A simple way to achieve this is to take an Access Token received at the edge and transfer it to individual microservices.

Can Django be used for microservices?

Yes. If you know Django it's just as easy to do so as flask and others.

How microservices communicate with each other in Django?

You could use a microservices architecture to build this. Instead of sharing databases between two applications you have them communicate with each other through web requests. Django would shoot a request to your other app with the relevant data, and the other server would respond back with the results.

How would you implement SSO for microservice architecture?

Suppose here we use Keycloak(an open source software product to allow single sign-on(SSO) with Identity and Access Management). After implementing Keycloak ,user will redirected to Keycloak. Here i will authenticate the users. After that this token will come back to UI,then UI will submit with its service request.


1 Answers

Currently we're using Django admin extensively and I wonder if it's possible to continue using it once the monolith is broken. It means reading and manipulating data from all the microservices in a "used to work on" UI. It would also be helpful for this process to be done more smoothly.

Yes, you can but it may not access the other microservices databases (neither write nor read). This means that if the Admin microservice update some Article (or whatever entity types you have, this is just an example) then this is not reflected immediately in the microservice that displays that Article. You need to have some mechanism to transfer the updates from the Admin to the other microservices. So shared databases/tables is not an option.

Authentication and authorization - Would we still be able to use this built in "app" in a microservice architecture? Is it possible to take this pare only to another service and communicate with it over HTTP?

Yes, but you need to split it into two sides. One side is responsible for managing users and roles/permissions and the other is responsible to authenticate the users and to check if a user may perform some action.

The first side should be a microservices (the creation/administration or users and the managing of roles/permissions).

The checking part can be a microservice but those responsibilities are in general taken by the API gateway or by a module (+ local, replicated data) in every microservice that need authentication or authorisation. These are cross-cutting concerns. If they reside in a separate microservice then there is the problem of resilience: if that microservice fails then it brings down you entire system.

like image 102
Constantin Galbenu Avatar answered Oct 22 '22 09:10

Constantin Galbenu