Django Authentication for Microservices

Hello everyone,

I am exploring the backend field and I need your help as I am working on building a microservice application for a warehouse. This application consists of the following services:

  1. Main (Gateway and display of the following services)
  2. Accounts (User management and viewing user info)
  3. Configuration (Product configuration, addition, and selection)
  4. Printing (Product printing)
  5. Inspection (Product inspection)
  6. Dashboard (Analytics)

I want to implement a central authentication system where a user, once signed into the Main service, should be able to access other services such as Accounts, Printing, etc.

I am exploring JWT authentication using DRF in Django and Django CAS. My requirement is quite simple; I just need to provide a username and password for login.

Can you guys tell me which of the above methods to use, or if my requirement can be achieved by Django’s default authentication? Please provide any links if you find anything related to the implementation.

Thank you!

It seems you want that the users who so ever visit the site they should first login in order to access other pages right?

Once they are logged in only then they can go to all these particular pages:

  1. Main (Gateway and display of the following services)
  2. Accounts (User management and viewing user info)
  3. Configuration (Product configuration, addition, and selection)
  4. Printing (Product printing)
  5. Inspection (Product inspection)
  6. Dashboard (Analytics)

Yes,
Initially user will visit Main(Gateway) application and login in to the service.
we will handle all the routing from there on in backend

Okay, so for all the views I’ve handled the user’s login within the urls.py by creating a super_required, it will check if user’s type and if user is logged in then allow to render the particular view.

from django.urls import path, include
from django.contrib.auth.decorators import user_passes_test
from . import views

def super_required(view_func=None, redirect_field_name=None, login_url=None):
    actual_decorator = user_passes_test(
        lambda u: u.is_active and u.is_staff or u.is_superuser,
        login_url=login_url,
        redirect_field_name=redirect_field_name
    )
    if view_func:
        return actual_decorator(view_func)

    return actual_decorator


urlpatterns = [
    path('', super_required(views.AdminHome.as_view()), name="admin_home"),
    
    path('customer/', super_required(views.CustomerListView.as_view()), name="customer_list"),
    path('customer/<int:id>/', super_required(views.customer_update), name="customer_update"),
]

Hope this above code might help you…

I am looking in an option for JWT Token with CAS Integration.
Where my Main application can generate tokens and other services acts as a CAS clients.

please share any links that might be helpful.

Okay got it, you are looking for the system similar to developers API provided by different products like meta, google, twitter, etc which can be consumed via client_id and client_secret.

Well I don’t have any reference docs or links right now, maybe someone else might help you in this >>>.

1 Like