Integrate securiy middleware based on keycloak with backend #52
Description
Most endpoints in the backend which are specific to user needs to be protected with JWT token of the user. Otherwise it should be forbidden.
Rough Steps:
- user logs in with keycloak and obtains a JWT Integrate keycloak auth with frontend #45
- endpoints talking to our backend provide the JWT, no other requests should use the same JWT
- a method to verify security talks with the keycloak pod to retrieve user information, if sucessful, processes the request. If not, returns 401.