I want to check and validate Json Web Tokens in headers of the incoming requests to the API gateway before passing them to microservices. But the logic for issuing tokens will be in User service behind the Gateway. Is there a way to validate incoming request web tokens?
I tried using express-gateway. It only had in memory store. Is there a way to get it from a db like MySql?
thanks a lot for the message.
Express Gateway supports in Memory store and Redis as well, so if you want to persist your users, that should be the way to go.
According to your message, it seems like your users are stored in another database, backed by Mysql. In this case, what'd be the best would be to make sure that every time our system creates an user, it should create an user in Express Gateway with a set of credentials (depending on the login flow you want to use).
Once that's done, all you need to do is configure a pipeline with the jwt or oauth2 policy to validate (and issue) the tokens.
If you need any more help, feel free to answer here or stop by our Gitter channel.
Cheers!
