This is an example of how a system with 3 services and JWT (JSON Web Tokens) works.
Instead of having the authentication in the same service as the resources, we divide those into two dedicated services. Public-key cryptography is used: the authorization service has access to the user database and generates tokens using the private key (jwt-key), while the resource server uses the public key (jwt-key.pub) to verify those tokens and grant access to the API. This way only one service has access to the database, which includes the hashed passwords and potentially much more information, while other services can verify the tokens without having to make a call to the authentication server.
The private and public keys included here exist ONLY as an example. You can create your own key pair by typing the following (and naming them jwt_token):
ssh-keygen -t rsa -b 4096 -m pem
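The split described above, as an added sketch that is not this project's own code: the auth side signs with the private key, and the resource side verifies with only the public key. It assumes RS256 and the `cryptography` package; the function names are hypothetical and the key pair is generated in memory instead of being read from jwt-key / jwt-key.pub.

```python
import base64, json, time
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(private_key, subject: str, ttl: int = 300) -> str:
    """Auth service side (hypothetical helper): sign claims with the private key."""
    header = {"alg": "RS256", "typ": "JWT"}
    claims = {"sub": subject, "exp": int(time.time()) + ttl}
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims))
    signature = private_key.sign(
        signing_input.encode(), padding.PKCS1v15(), hashes.SHA256())
    return f"{signing_input}.{b64url(signature)}"

def verify_token(public_key, token: str):
    """Resource server side (hypothetical helper): public key only.
    Returns the claims dict, or None if the token must be rejected."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        # Pin the algorithm; never let the token header choose it.
        if not isinstance(header, dict) or header.get("alg") != "RS256":
            return None
        public_key.verify(
            b64url_decode(sig_b64), f"{head_b64}.{body_b64}".encode(),
            padding.PKCS1v15(), hashes.SHA256())
        claims = json.loads(b64url_decode(body_b64))
    except (ValueError, InvalidSignature):
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, (int, float)) or exp < time.time():
        return None  # missing or expired "exp"
    return claims

if __name__ == "__main__":
    # Constructed in-memory key pair standing in for jwt-key / jwt-key.pub.
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    token = issue_token(key, "alice")
    print(verify_token(key.public_key(), token))
    head, body, sig = token.split(".")
    forged = b64url(json.dumps({"sub": "admin", "exp": 2**31}).encode())
    print(verify_token(key.public_key(), f"{head}.{forged}.{sig}"))  # rejected
```

The resource side never touches the private key or the user database, so a compromise of that service does not let an attacker mint tokens.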
You need python3.11 and libpython3.11-dev (Ubuntu), or similar packages on other operating systems, to install uWSGI, as well as a C compiler (gcc and clang are supported).
You can also use docker-compose.
- From the auth folder, create and enter the virtual environment, install the libraries and start the server:
python3.11 -m venv env
source env/bin/activate
pip install -r requirements.txt
uwsgi --ini uwsgi.ini --honour-std
- From the resources-server folder, create and enter the virtual environment, install the libraries and start the server:
python3.11 -m venv env
source env/bin/activate
pip install -r requirements.txt
uwsgi --ini uwsgi.ini --honour-std
Build and start the containers:
docker-compose build
docker-compose up
- From the client folder, create and enter the virtual environment, install the libraries and start the server:
python3.11 -m venv env
source env/bin/activate
pip install -r requirements.txt
python client.py
Both servers can be tested by running the following from each folder:
python -m pytest tests