Actual security, as in identity, is still a 3rd party thing, aka you still need a OIDC IDP (or oauth2 in the broadest sense or similar).
All NATS security does is validate that the credentials you pass the a client are valid and enforce limits, if configured.
The microservice API was necessary, since simple request/reply structure was lacking errors, logging and statistics.
micro.Request actually has a convenience req.RespondJSON() function.
A small example?
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
func (h *Handler) Run() error { sigs := make(chan os.Signal, 1) signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM) done := make(chan bool, 1) go func() { sig := <-sigs fmt.Println(sig) done <- true }() newsService, e := micro.AddService(h.nc, micro.Config{ Name: "news", Endpoint: nil, Version: "0.0.1", Description: "Group Service", }) if e != nil { return e } groupGrp := newsService.AddGroup("group") if e := groupGrp.AddEndpoint(Create, micro.HandlerFunc(h.createGroup)); e != nil { return e } if e := groupGrp.AddEndpoint(FindAll, micro.HandlerFunc(h.findAllGroups)); e != nil { return e } if e := groupGrp.AddEndpoint(GetById, micro.HandlerFunc(h.getByID)); e != nil { return e } <-done return nil } |
So right now I have, ent for the database stuff and nats over websocket for the service requests.
But I’m having big issues with NATS Jetstream.
The ws client is blocking, despite callbacks and async.
The micro package also has a long way to go.
Regular HTTP has middleware, micro doesn’t seem to have it, maybe I’m missing something. OTOH I could just pass the request to a next function, but it’s not very elegant.