0
votes

I am currently playing with NestJS' microservices and authentication, and I am facing a problem for which I don't have a clear solution.

Let's imagine I have an API gateway balancing the calls to multiple microservices. I would like to enable authentication (via JWT tokens) and retrieve the user information for every process I might call on any microservice.

The problem I am facing is that I don't know where to decode the token.

  • Should the API gateway decode the token and proxy the HTTP request to the microservice by appending the user data to it?
  • Should the end microservice decode the token instead of the gateway?

I feel confident implementing both of them, I just cannot figure out if they are good practices or if there is a better solution I haven't thought of yet.

1 Answer

3
votes

The best way to do this is to use the flow below.

  1. The request goes from the client to the API gateway.
  2. The API gateway will call the auth microservice to decode the token.
  3. The auth microservice will verify this token and decode it, then call the DB to get the user data and send it to the API gateway.
  4. Now the API gateway has the user data. It will then inject headers like x-user-id, x-user-name, x-user-email and call microservice-x.

Let's say microservice-x will create a record in a table and then call microservice-z to send an email.

  1. Microservice-x will receive the request to create a record in the table for user ID x-user-id, then call microservice-z to send an email using x-user-email.

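The gateway side of steps 2 to 4 in the answer above, as an added example that is not part of the original post: it verifies the token, discards any x-user-* headers the client sent, and injects its own. HS256 with a shared secret, the `sub`/`email` claim names, taking user data from the token instead of a database lookup, and all function names are assumptions.

```javascript
const crypto = require("crypto");

const SECRET = "constructed-demo-secret"; // constructed value; load from a secret store in practice
const b64url = (s) => Buffer.from(s).toString("base64url");

// Mints a constructed sample token so the example runs offline.
function signToken(payload, secret = SECRET) {
  const data = `${b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }))}.${b64url(JSON.stringify(payload))}`;
  return `${data}.${crypto.createHmac("sha256", secret).update(data).digest("base64url")}`;
}

// Checks structure, pinned algorithm, signature and expiry; returns the claims or throws.
function verifyToken(token, secret = SECRET, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [head, body, sig] = parts;
  const header = JSON.parse(Buffer.from(head, "base64url").toString());
  if (header.alg !== "HS256") throw new Error("unexpected alg"); // do not let the token pick the algorithm
  const expected = crypto.createHmac("sha256", secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error("bad signature");
  }
  const claims = JSON.parse(Buffer.from(body, "base64url").toString());
  if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired token");
  return claims;
}

// Builds the header set the gateway forwards to microservice-x.
function buildUpstreamHeaders(incoming, secret = SECRET, now) {
  const out = {};
  let auth = "";
  for (const [key, value] of Object.entries(incoming)) {
    const name = key.toLowerCase();
    if (name === "authorization") { auth = String(value); continue; } // assumption: token stops at the gateway
    if (name.startsWith("x-user-")) continue; // client-supplied identity headers are never forwarded
    out[name] = value;
  }
  const match = /^Bearer (.+)$/.exec(auth);
  if (!match) throw new Error("missing bearer token");
  const claims = verifyToken(match[1], secret, now);
  out["x-user-id"] = String(claims.sub);       // claim names sub/email are assumptions
  out["x-user-email"] = String(claims.email);
  return out;
}
```

Downstream services can rely on x-user-id only if they are reachable solely through the gateway; otherwise any caller on the network can set the header directly.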