Hey what about a strategy where each microservice knows how to authenticate a user?
Use the AUTH microservice to generate the JWT;
Each microservice knows about the USER data source;
Each microservice will have the logic to decode that JWT;
Each request from the client will contain a cookie with the JWT;
So in a case where the AUTH microservice is down, the app will continue to function because the other microservices will know how to validate the JWT from the cookie.
What you think? :D
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hey what about a strategy where each microservice knows how to authenticate a user?
So in a case where the AUTH microservice is down, the app will continue to function because the other microservices will know how to validate the JWT from the cookie.
What you think? :D