Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/misterowlpt/traefik-auth-api

A sample project that uses Traefik to control access to a federated REST API
https://github.com/misterowlpt/traefik-auth-api

cors restful-api traefik

Last synced: 24 days ago
JSON representation

A sample project that uses Traefik to control access to a federated REST API

Host: GitHub
URL: https://github.com/misterowlpt/traefik-auth-api
Owner: MisterOwlPT
License: mit
Created: 2023-03-02T14:59:07.000Z (almost 2 years ago)
Default Branch: master
Last Pushed: 2023-03-03T10:11:39.000Z (almost 2 years ago)
Last Synced: 2024-11-08T08:54:43.163Z (3 months ago)
Topics: cors, restful-api, traefik
Language: JavaScript
Homepage:
Size: 13.7 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Traefik + CORS + Authenticated REST API

**This project was created as a case study only!**

This project shows how you can configure [Traefik](https://doc.traefik.io/traefik/) to control access to a federated REST API so that:
- All requests to the API are forwarded to a custom authentication service;
- Only requests authenticated with success are granted access to the REST API. A response to the request is then provided by the API service;
- All requests with insufficient permissions are blocked. In this case responses are provided by the authentication service itself;
- CORS requests are handled properly in both situations.

## Quick start

Build all required Docker images and launch containers:

```bash
$ docker compose up -d
```

To inspect incoming authentication requests check the authentication server logs:

```bash
$ docker compose logs -tf auth
```

Access the web application (http://frontend.localhost).

## Expected behaviour

Click on the `Make authenticated request` button:
- Check the browser's console and a message should appear: `I am making an authenticated request (authenticated = true)`;
- The authentication server should print a new log message: `Received authentication request with permissions set to 'true'`;
- A pop-up alert should appear on your browser window displaying the message: `Hello from backend server!`;
- Check the browser's console and no error should appear.

Click on the `Make unauthenticated request` button:
- Check the browser's console and a message should appear: `I am making an unauthenticated request (authenticated = false)`;
- The authentication server should print a new log message: `Received authentication request with permissions set to 'false'`;
- No pop-up alert should appear on your browser window;
- Check the browser's console and an error (non CORS-related) should appear: `GET http://backend.localhost/ 401 (Unauthorized)`.