Hello everyone,
I am exploring the backend field and I need your help as I am working on building a microservice application for a warehouse. This application consists of the following services:
- Main (Gateway and display of the following services)
- Accounts (User management and viewing user info)
- Configuration (Product configuration, addition, and selection)
- Printing (Product printing)
- Inspection (Product inspection)
- Dashboard (Analytics)
I want to implement a central authentication system where a user, once signed into the Main service, should be able to access other services such as Accounts, Printing, etc.
I am exploring JWT authentication using DRF in Django and Django CAS. My requirement is quite simple; I just need to provide a username and password for login.
Can you guys tell me which of the above methods to use, or if my requirement can be achieved by Django’s default authentication? Please provide any links if you find anything related to the implementation.
Thank you!
1 Like
It seems you want that the users who so ever visit the site they should first login in order to access other pages right?
Once they are logged in only then they can go to all these particular pages:
- Main (Gateway and display of the following services)
- Accounts (User management and viewing user info)
- Configuration (Product configuration, addition, and selection)
- Printing (Product printing)
- Inspection (Product inspection)
- Dashboard (Analytics)
Yes,
Initially user will visit Main(Gateway) application and login in to the service.
we will handle all the routing from there on in backend
Okay, so for all the views I’ve handled the user’s login within the urls.py by creating a super_required, it will check if user’s type and if user is logged in then allow to render the particular view.
from django.urls import path, include
from django.contrib.auth.decorators import user_passes_test
from . import views
def super_required(view_func=None, redirect_field_name=None, login_url=None):
actual_decorator = user_passes_test(
lambda u: u.is_active and u.is_staff or u.is_superuser,
login_url=login_url,
redirect_field_name=redirect_field_name
)
if view_func:
return actual_decorator(view_func)
return actual_decorator
urlpatterns = [
path('', super_required(views.AdminHome.as_view()), name="admin_home"),
path('customer/', super_required(views.CustomerListView.as_view()), name="customer_list"),
path('customer/<int:id>/', super_required(views.customer_update), name="customer_update"),
]
Hope this above code might help you…
I am looking in an option for JWT Token with CAS Integration.
Where my Main application can generate tokens and other services acts as a CAS clients.
please share any links that might be helpful.
Okay got it, you are looking for the system similar to developers API provided by different products like meta, google, twitter, etc which can be consumed via client_id and client_secret.
Well I don’t have any reference docs or links right now, maybe someone else might help you in this >>>.
1 Like
Hi, I’m also getting into microservices. I’m migrating my monolithic app to microservices and I’ve had this same problem. I’ve designed an SDK which can be installed in any microservice and allows it to communicate with the authentication service to obtain not only the user’s data, but also their permissions (django permissions). In this way, in my view of a product microservice I can use the “user” in this way:
Example View:
from auth_sdk.permissions import AllowAny, IsAuthenticated, HasPermission
class ProductPriceByRole(APIView):
permission_classes = [IsAuthenticated, HasPermission('view_userprofile')]
def get(self, request, productSlug, format=None):
user = request.user
In the settings.py of the “product” microservice I have to declare the new SDK that is in charge of authentication.
REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES': [ 'auth_sdk.authentication.JWTAuthentication', ], 'DEFAULT_PERMISSION_CLASSES': [ 'auth_sdk.permissions.IsAuthenticated', ], }
Oh! I forgot… to optimize queries to the authentication microservice, the user is saved in the redis cache (of the microservice where the SDK is installed) to access it more quickly (it is only saved for 1 hour)
The sdk code repository is in my github! agusabas