Take you to easily get Go microservice series in ten days (7)

Preamble

We will show you a go-zero microservice example in detail through a series of articles. The whole series is divided into ten articles. The directory structure is as follows:

1. Environment construction
2. service split
3. User service
4. product service
5. Order service
6. payment service
7. RPC Service Auth Authentication (this article)
8. service monitoring
9. link tracking
10. Distributed transaction

I hope that through this series, you can quickly develop a mall system using go-zero in the Docker environment on the local machine, so that you can quickly get started with microservices.

Complete example code: https://github.com/nivin-studio/go-zero-mall

First, let's take a look at the overall service split diagram:

7 RPC service Auth authentication

In the preceding chapters we have achieved an user product order pay of rpc service and api Services. In the api service, we use go-zero which comes with the framework jwt to implement authentication verification. Then we will talk about rpc service auth verification.

go-zero frame rpc services auth verification principle is that the Client Access rpc service needs to carry App identification and Token value, rpc service will be from the specified Redis Authentication service App identification and Token value is correct . Therefore, the client's App identity, Token value, needs to be entered in advance Redis service.

7.1 Enable rpc Service auth Verify

Let's take the user rpc service and the user api service as an example to enable and use the rpc service auth

• Enter the service workspace

 $ cd mall/service/user

• Modify user rpc user.yaml configuration file

 $ vim rpc/etc/user.yaml

 Name: user.rpc
ListenOn: 0.0.0.0:9000

...

Auth: true               # 是否开启 Auth 验证
StrictControl: true      # 是否开启严格模式
Redis:                   # 指定 Redis 服务
  Key: rpc:auth:user     # 指定 Key 应为 hash 类型
  Host: redis:6379
  Type: node
  Pass:

• Modify the user api user.yaml configuration file

 $ vim api/etc/user.yaml

 Name: User
Host: 0.0.0.0
Port: 8000

...

UserRpc:
  App: userapi                          # App 标识
  Token: 6jKNZbEpYGeUMAifz10gOnmoty3TV  # Token 值
  Etcd:
    Hosts:
    - etcd:2379
    Key: user.rpc

• Write App identifier, Token value to Redis service

  App identified as rpc designated key a hash key , Token value as hash key of value.

• restart user rpc service

 $ cd mall/service/user/rpc
$ go run user.go -f etc/user.yaml
Starting rpc server at 127.0.0.1:9000...

• Restart the user api service

 $ cd mall/service/user/api
$ go run user.go -f etc/user.yaml
Starting server at 0.0.0.0:8000...

7.2 Debug rpc Service auth Verify

Visit the user api login interface of ---1bef92b34081d9789aa96a7853935509---, we can see that the interface can return the result value normally.

Then we modify the user api Token value in the user.yaml configuration file to request the interface to try again.

Tip: Modifying the yaml configuration file requires restarting the service to be effective

We can see from the returned results, rpc the service reported an error, unauthenticated and denied access.

You can try to modify the user rpc user.yaml configuration file StrictControl false to see the effect.

project address

https://github.com/zeromicro/go-zero

Welcome go-zero and star support us!

WeChat exchange group

Follow the official account of " Microservice Practice " and click on the exchange group to get the QR code of the community group.