Skip to content
This repository has been archived by the owner on Jan 9, 2021. It is now read-only.
/ daily-shit Public archive

DailyShit is an example microservice newspaper.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jdc-lab/daily-shit

BranchesTags

Repository files navigation

daily-shit

Abandoned: The successor of this microservice-experiment is scayle.

DailyShit is an example microservice newspaper.

  • frontend:
    • website
  • gateway
  • microservices
    • user service
    • post service
    • comment service
    • newsletter service
    • ...

website <-> Gateway (graphql)
gateway <-> microservices (gRPC)
microservice <-> microservice (nats)

database: mongo db

Permissions

The idea is to check the jwt token for each request to the gateway automatically and then just pass the received claims from the gateway to each subsequent microservice.
So the actual permissions are only validated one time -> less overhead
The microservices are still able to decide themselves if they allow or deny something by checking the claims.

Note that this means that there is no security at all if the gateway is bypassed so from the outside everything should always go through the gateway.

Development requirements

Run

consul

To just run the consul container:
make consul-start Services will be able to register to it using localhost:8500 (default setting for the services) even if they do not run in docker.

You can access the consul ui by http://localhost:8500/ui/

local

This starts the services without docker. Note that they still need a consul instance which can still be started through docker (see above).

User service:

  • optionally if you changed the proto definitions: go generate ./user-service .
  • make user-service

gateway

The gateway is currently using graphql (just because I wanted to experiment with it).
It exposes an api which can be used from the outside.

It exposes a playground ui at http://localhost:8080/ which can be used to test some queries:

Example requests: login (admin, admin is automatically available)

mutation {
  login(username: "admin", password: "admin") {
    id
    token
  }
}

returns

{
  "data": {
    "login": {
      "id": "311a96cd-f01f-4148-8454-c7df62577f7d",
      "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc0FkbWluIjp0cnVlLCJ1c2VySWQiOiIzMTFhOTZjZC1mMDFmLTQxNDgtODQ1NC1jN2RmNjI1NzdmN2QiLCJleHBpcmVzIjoxNjAzMTM5MTIyfQ.IMPTE6RmGDIrLX56UQ7-5luXCnWtkomlVr-s-P0DKsM"
    }
  }
}

Now you need to use this token to craft a bearer header.
You can do this by setting the HTTP Headers at the bottom of the playground ui:

{
  "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc0FkbWluIjp0cnVlLCJ1c2VySWQiOiIzMTFhOTZjZC1mMDFmLTQxNDgtODQ1NC1jN2RmNjI1NzdmN2QiLCJleHBpcmVzIjoxNjAzMTM5MTIyfQ.IMPTE6RmGDIrLX56UQ7-5luXCnWtkomlVr-s-P0DKsM"
}

After that you can get a user or, if you are admin, create a new one.
get user

query {
  user(id:"311a96cd-f01f-4148-8454-c7df62577f7d"){
    id, name, email
  }
}

create user

mutation {
 	createUser(newUser:{
    username: "aligator",
    email: "aligator@suncraft-server.de",
    password: "superpassword",
    isAdmin: false
  }){
    id
  }
}

About

DailyShit is an example microservice newspaper.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages