The preface

We will show you a detailed example of a Go-Zero microservice in a series of ten articles. The table of contents is as follows:

  1. Environment set up
  2. Service split
  3. Customer service
  4. Product/service
  5. Order service
  6. Payment service
  7. Auth Authentication for RPC Services (this article)
  8. Service monitoring
  9. Link to track
  10. Distributed transaction

I hope this series will take you to use the Docker environment on the machine and use go-Zero to quickly develop a mall system, so that you can quickly get started with micro services.

Full example code: github.com/nivin-studi…

First, let’s look at the overall service breakdown diagram:

7 Auth authentication for RPC services

In previous chapters we have implemented RPC service and API service of User Product Order Pay respectively. In API service, we use the JWT of go-Zero framework to realize authentication and verification. Next we will talk about auth authentication for RPC services.

The AUth authentication principle of go-Zero framework RPC service is that the client needs to carry the App id and Token value to access the RPC service, and the RPC service verifies the App ID and Token value from the specified Redis service. Therefore, the App identifier and Token value of the client need to be entered into Redis service in advance.

7.1 openrpcserviceauthvalidation

Let’s use the user RPC service and user API service as examples to enable and use AUth authentication for RPC services

  • Enter the service workspace
$ cd mall/service/user
Copy the code
  • Modify theuser rpcUser. yaml configuration file
$ vim rpc/etc/user.yaml
Copy the code
Name: user.rpc
ListenOn: 0.0. 0. 0: 9000

.

Auth: true               Whether to enable Auth authentication
StrictControl: true      # Whether to enable strict mode
Redis:                   Redis service
  Key: rpc:auth:user     # specify that the Key should be of hash type
  Host: redis:6379
  Type: node
  Pass:

Copy the code
  • Modify theuser apiUser. yaml configuration file
$ vim api/etc/user.yaml
Copy the code
Name: User
Host: 0.0. 0. 0
Port: 8000

.

UserRpc:
  App: userapi                          # App id
  Token: 6jKNZbEpYGeUMAifz10gOnmoty3TV  # Token value
  Etcd:
    Hosts:
    - etcd:2379
    Key: user.rpc
Copy the code
  • Write the App id and Token value to the Redis service

    The App id is the hash key used as the RPC specified key, and the Token value is the hash key value.

  • Restart the User RPC service
$ cdMall /service/user/ RPC $go run user.go -f etc/user.yaml Starting RPC server at 127.0.0.1:9000...Copy the code
  • Restart the User API service
$ cdMall /service/user/ API $go run user.go -f etc/user.yaml Starting server at 0.0.0.0:8000...Copy the code

7.2 debuggingrpcserviceauthvalidation

Accessing the login interface of the User API, we can see that the interface returns the result value normally.

So let’s change the Token value in the user API user.yaml configuration file and ask the interface again.

Note: You need to restart the service to modify the YAML configuration file

We can see from the returned result that the RPC service reported an error, unauthenticated, and denied access.

StrictControl is set to false in the user RPC user.yaml configuration file.

The project address

Github.com/zeromicro/g…

Welcome to Go-Zero and star support us!

Wechat communication group

Pay attention to the public account of “micro-service Practice” and click on the exchange group to obtain the QR code of the community group.