2

I have separate auth service and products service. I need to have an api gateway in front of the services and do this function for protected url:

  • Call the auth service and validates the user token
  • if token is valid attach the user id to the request and make the request to products service.

Is there any API gateway supports this custom logic to handle requests ?

Thanks.

R.Roshan
  • 199
  • 4
  • 14
  • one way of doing this is, wrap API of the protected url to do the authentication themselves, if the way of writing your API allow them to be composable. I haven't find any such framework , possible write a API gateway yourself and put the code there – techagrammer Feb 02 '18 at 06:06

1 Answers1

0

The answer depends on the technology stack you are using. Which language? Which framework? Where to deployed? Do you use client sessions or JWT? Oauth or Saml or custom auth service?

If you can give more details we can help better. Here are three random examples:

  1. If you have an AWS based stack (e.g. serverless) you can use AWS API Gateway with a custom auth handler. See this.

  2. If you develop with a framework that supports middleware you can write a small middleware to handle auth. Example for golang here. Example for laravel here.

  3. Hosting your own Zuul gateway with oauth example.

For a lot of technologies you will find standard oauth or saml components that you can use as middleware.

Oswin Noetzelmann
  • 9,166
  • 1
  • 33
  • 46