Hints on extending with one additional service

[CesMak]

Hey Miguel,

I would like to extend the mircoflack chat app on one additional service named game.
This service should have access to the users and messages db.

I guess I have two options:

1. Make users and messages a wheel and install that with the requirements of the game service, such that I can do inside app.py of game service

from microflack_users.app import User

2. Use the api to get all relevant information from users and messages db

• in this case I think I have to worry about tokens etc. for a secure access?
• How can I make an api endpoint that is only access-able with an internal token?
• Can you give a short code example how to do that in a secure way?

       ip='http://'+os.environ["HOST_IP_ADDRESS"]
        r = requests.get(ip+'/api/users')

I guess regarding the microservice architecture the second option is preferable.
What would you advise?

[miguelgrinberg]

Sharing the database of a microservice with another microservice is really against the microservice principles. The correct way to do this when following the microservices model is to have your new service use the APIs of the users and messages services to work with those entities.

If you can, you should get a token from the client, which you can then use to authenticate internally to other microservices. If that is not possible, then you can allocate a token that is only valid for internal use between services, or maybe configure your services so that they only require authentication for external requests.