Answer the question
In order to leave comments, you need to log in
How are services developed?
How are services developed that “communicate” with each other?
Let's say authorization is implemented on JWT on nodejs.
The part that shows posts to users is implemented in PHP.
Authorization is required so that users can leave comments.
How should they work together?
How does this even happen?
How are tokens verified between services?...
Tell us more about this.
Thank you!
Answer the question
In order to leave comments, you need to log in
In different ways, but OAuth or OpenID will suit you.
There are more than one authorization methods, for all occasions.
How it all works - open spec or posts on this topic with human language and read.
The main and most important thing is that for this you will need a service that will issue and verify tokens - either ready-made (everything in Google, for example Auth0) or your own (from open source - keycloak is quite good)
Other services and applications work with this server and trust it more than themselves . The protocols are standard, so there are libraries for all popular languages / frameworks.
True, it is not very clear why you need nodejs - JWT tokens will be issued by the OAuth server. Although if you have it written in nodejs, then it's ok.
Example:
users on the site are authorized with a name and password on the identity server (let's say this is your node), this server returns, among other things, information in the token that the user can leave comments (for example, adding scope: 'comment')
php server receives a request with a token on creating a comment, opens this token, checks with your node that this token is real (they are signed) and if real, looks to see if scope: 'comment' is there and if yes, then creates a comment.
For example, the admin will have, for example, in addition to the ability to comment, the ability to delete any comment (for example, scope: 'comment-admin') - this scope will be checked when deleting. As well as other admin rights.
You can also give comment-admin to a moderator, for example.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question