 

Organize user and authentication in microservice architecture

In our microservices we will have a custom authentication / authorization service, a.k.a. UAA, right? It makes sense to me to have a user controller for login, token verification or creating a user.

But there is a second use case. We also want to have some user administration for adding favorite contacts to a user, filling the profile with some additional information, user addresses and so on. For the second use case I would like to have a second microservice for that purpose. What do you recommend, or what is the best practice for that?

  1. Have one microservice for user management, like the user's profile, contacts and credentials, and also login / token providing.

  2. Have two microservices: one for managing user credentials and token providing (UAA), and a second for additional user info.

  3. Have two microservices: one for completely separate user management, and a second for authentication and token providing, which will consume the REST API of the user service if it needs some user data or needs to verify user credentials.

For me, option 3 is fine for that, but I would like to hear your opinions.

Denis Stephanov asked Mar 03 '23 04:03


1 Answer

My recommendation is to have two microservices:

  1. One for user management, like the user's profile, contacts and credentials. On this microservice users will create accounts, send password resets and so on.

  2. One for authorization (e.g. OAuth2 with JWT tokens). This microservice will be used only for authorization (in the case of OAuth2 and JWT, for generating JWT tokens based on username/mail and password).

When a user creates an account, a request with the user's credentials and permissions will be made to the authorization microservice to notify it that a new user was created. The same goes for a user password reset or a user deletion.

The authorization microservice will receive that request and save the user's credentials and permissions in its own database, for example Redis or PostgreSQL. Every user that logs in to your service/application will first call the authorization microservice and will receive a JWT token that contains user metadata (name, role and other information); using that token, the user will send requests to the other microservices of your application/service, for example user management, an orders service or others.

MihaiGhita answered Mar 23 '23 04:03
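The flow described in the answer above, as an added example that is not part of the original answer or of any particular UAA product: the authorization service stores credentials when notified, issues a JWT on login, and another microservice verifies it. The function names, the in-memory store, PBKDF2 password hashing and HS256 with a shared key are all assumptions made for the sketch.

```python
import base64, hashlib, hmac, json, os, time

SIGNING_KEY = os.urandom(32)  # assumption: HS256 key shared with verifying services
CREDENTIALS = {}              # stands in for the authorization service's own database

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def on_user_created(username: str, password: str, role: str) -> None:
    """Authorization service: handle the user service's 'new user' notification."""
    salt = os.urandom(16)
    CREDENTIALS[username] = (salt, hash_password(password, salt), role)

def login(username: str, password: str, ttl: int = 900):
    """Authorization service: check credentials, return a signed JWT or None."""
    record = CREDENTIALS.get(username)
    if record is None or not hmac.compare_digest(record[1], hash_password(password, record[0])):
        return None
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": username, "role": record[2], "exp": int(time.time()) + ttl}
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(SIGNING_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"

def verify(token: str):
    """Any other microservice: return the claims, or None if the token is invalid."""
    try:
        header, body, sig = token.split(".")
        if json.loads(b64url_decode(header)).get("alg") != "HS256":  # pin the algorithm
            return None
        expected = hmac.new(SIGNING_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return None
        claims = json.loads(b64url_decode(body))
        return claims if claims["exp"] > time.time() else None
    except (ValueError, TypeError, KeyError, AttributeError):
        return None
```

With a shared HS256 key every verifying service can also mint tokens; signing with an asymmetric algorithm such as RS256 or ES256 lets the other services hold only the public key.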