0

I need some help with building something (That I call) Centralized Authentication Server in Django 2.0, which will support the following:

Say There are 2 services:

  1. Service A - which is the frontend application. It's a simple Django project the has only one view that serves a VueJS application.
  2. Service B - which is the API. Service A is sending AJAX requests to Service B.

The 2 services are totally separate, and ideally I would like to not handle any User model in none of the services.

What I would like is to use Service C, which is a service that handles all the Authentication and the User model.

When a user goes to Service A and he is not logged in, he will be redirected to Service C and login to the system using his credentials (User/Password) and then will be redirected back to Service A, alongside with a token that will enable him to speak with service B.

Then service B will get this token, and authenticate it against service C. (In each request, or only in the first request / dedicated 'login' request).

I read a lot about django-mama-cas + django-cas-ng, and tried to implement it. But I got stuck when calling Service B with ajax requests.

Anyone know how can I achieve such an architecture?

Or maybe my whole approach is wrong from the root?

Thanks in advance!

Dar Ben-Tov
  • 111
  • 7
  • Take a look at json web tokens. You can keep any information about user inside it and user won't be able to modify it, because it is signed. With that approach, other servers don't even need to know what is user. They will just check if proper permissions are granted inside token and verify if token is properly signed. – GwynBleidD Mar 13 '18 at 12:58
  • This is called `Single Sign On`. Answers on [this question](https://stackoverflow.com/questions/4662348/implementing-single-sign-on-sso-using-django) suggest `django-mama-cas` etc, which you've already tried. – xyres Mar 13 '18 at 14:24

0 Answers0