This part of the tutorials covers how to perform Authentication and Authorization between microservices.
Authentication: Refers to verify who you are, so you need to use username and password for authentication.
Authorization: Refers to what you can do, for example access, edit or delete permissions to some documents, and this happens after verification passes.
JWT: (Json Web Token) is an open standard (RFC 7519) that defines the Token format, defines the Token content, encrypts it, and provides lib for various languages.
Read more how is work, click here
Path | Method | Scheme | Grant |
---|---|---|---|
/api/user | POST | ANY | ALL |
/api/user | GET | ANY | ALL |
/api/user/login | POST | ANY | ALL |
/api/user/password | PUT | ANY | ALL |
/api/token/refresh | POST/GET | ANY | ALL |
/api/cert | GET | ANY | ALL |
Path | Method | Scheme | Grant |
---|---|---|---|
/api/admin/users | POST | ANY | ALL |
/api/admin/users | GET | ANY | ALL |
/api/admin/users/{id} | GET | ANY | ALL |
/api/admin/users/{id} | PUT | ANY | ALL |
- PHP 7.4
- Symfony 5.0
- MySQL 8.0
Run migrations:
php bin/console doctrine:migrations:migrate
Add docker machine IP to /etc/hosts:
127.0.0.1 auth.test
MySQL open https://localhost:8081 and use login and password:
server: auth_mysql_1
user: root
password: root
make pre-commit
Microservices Authentication and Authorization Solutions
Securing Microservices: The API gateway, authentication and authorization
Authentication and Authorization in Microservices
User authentication and authorization with shared session in a micro-services architecture
Dykyi Roman, e-mail: [email protected]