[英]Django - How to implement authentication service in microservices architecture
Basically, I have several independent services. 基本上,我有几个独立的服务。 I want to build a service for authentication. 我想建立一个身份验证服务。 When client get a token from authentication service. 客户端从身份验证服务获得令牌时。 Client use it for further request to others services. 客户将其用于对其他服务的进一步请求。 Client need to attach that token in header of request. 客户需要将该令牌附加到请求的标头中。 The services receiving token need to verify the token by sending it to authentication server. 接收令牌的服务需要通过将令牌发送到身份验证服务器来对其进行验证。 So all requests that clients make to protected routes need to be verified by authentication service. 因此,客户端对受保护路由的所有请求都需要通过身份验证服务进行验证。 The thing is I do not know the best place to put the code that automatically sends token to authentication service and receive the result. 问题是我不知道放置自动将令牌发送到身份验证服务并接收结果的代码的最佳位置。 Here is what i tried so far: I implemented a middleware like that: 到目前为止,这是我尝试过的:我实现了这样的中间件:
class VerifyTokenMiddleware(object):
def process_request(self, request):
if not request.META.get('HTTP_AUTHORIZATION'):
return HttpResponse(status=404)
auth_header = request.META.get('HTTP_AUTHORIZATION')
token = auth_header[4:]
response = requests.post(AUTH_URL, {"token": token})
if response.status_code == 400:
return HttpResponse(status=403)
return None
However, the problem of my solution is every requests to services(not auth service) have to pass through that middleware. 但是,我的解决方案的问题是对服务(不是auth服务)的每个请求都必须通过该中间件。 Therefore, client cannot access unprotected routes like before. 因此,客户端无法像以前一样访问不受保护的路由。 Any help is extremely appreciated. 任何帮助都非常感谢。 :D :D
I used django restframework jwt https://github.com/GetBlimp/django-rest-framework-jwt . 我使用了django restframework jwt https://github.com/GetBlimp/django-rest-framework-jwt 。
It have many way to desiged microservice, you can write file restfull method like 它有多种设计微服务的方法,您可以编写文件restfull方法,例如
class RestFulClient:
@classmethod
def get(cls, url, loggers, headers):
return is_success, status_code, data
@classmethod
def post(cls, url, headers, loggers, params={}):
return is_success, status_code, status_message, data
@classmethod
def put(cls, url, headers, loggers, params={}):
return is_success, status_code, status_message, data
@classmethod
def delete(cls, url, headers, loggers, params={}):
return is_success, status_code, status_message
Any question? 任何问题?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.