Table of contents
Pros and cons of microservices
Microservice Authentication and Authorization Implementation Ideas
Authentication pre-authorization process
Pre-knowledge points
What are microservices
Microservices (or microservices architecture) is a cloud-native architectural approach that includes many small, loosely coupled components or services within a single application that can be deployed independently.
These services typically have their own technology stack, including a database and data management model; communicate with each other through a combination of REST APIs, event streams, and message brokers; and are organized by business capabilities, with service separation lines commonly referred to as bounded contexts.
Pros and cons of microservices
advantage
1. Reduce the coupling degree: split the modules, use the interface to communicate, and reduce the coupling degree between modules.
2. Clear responsibilities: Divide the project into several sub-projects, and different teams are responsible for different sub-projects.
3. Easy to expand: When adding functions, you only need to add another sub-item, and call the interface of other systems.
4. Convenient deployment: distributed deployment can be performed flexibly. carry
5. High code reusability: For example, in the service layer, if the distributed REST service architecture is not used, a service layer logic must be written on each end of PC, Android, and IOS. The development volume is large, and it is difficult to maintain and upgrade together. At this time, the distributed REST service method can be used to share a service layer.
shortcoming
The interaction between systems requires remote communication, and interface development increases the workload, but the advantages outweigh the disadvantages.
The nature of microservices
1. The key to microservices is not only the microservice itself, but the system must provide a set of basic architecture, which enables microservices to be independently deployed, run, and upgraded. Moreover, this system architecture also allows microservices to interact with The microservices are "loosely coupled" in structure, but function as a unified whole. This so-called "unified whole" shows a unified style interface, unified authority management, unified security policy, unified online process, unified log and audit method, unified access entrance, unified scheduling method, etc. .
2. The purpose of microservices is to effectively split applications and achieve agile development and service deployment.
Microservice Authentication and Authorization Implementation Ideas
Next is the focus of today, let's take a look. How to achieve the authentication and authorization we want in microservices?
Authentication pre-authorization process
(1) Based on Session, at this time SpringSecurity will analyze the sessionid in the cookie, find the session information stored in the server, and then judge whether the current user meets the requirements of the request.
(2) The other is based on token information, which will parse out the token, and then add the current request to the permission information managed by Spring Security
If there are many modules in our system, and each module needs to be authenticated and authorized, then we should choose token-based authentication and authorization. Of course, as a user, we should complete the authentication function according to the username and password, and then obtain the current user himself The role and a series of permission values of this role, we can use the user name as part of the key, and the permission list as the value to store it in the redis cache, generate a token based on the information related to the user name and return it, and the browser will record the token in In the cookie, each subsequent call to the api interface will carry the token into the header request header by default. SpringSecurity gets the token information in the header, then parses the data, gets the current user name after parsing the token, and generates a key based on the user name. The permission list can be obtained from the redis cache, so that Spring Security can determine whether the current request has permission to access.
Well, that's all for the relevant information about microservices and permission schemes.
Welcome everyone to click on the card below to pay attention to "coder trainees"