Controlling access to microservices
We can apply north-south security to secure communication between producers (client) and workers (services) and to prevent unauthorized producers from executing our microservices:
Figure 9.3 – Controlling north-south access to microservices
To see how this works, we’ll set this up for the Django subscription app and the match address worker in our sample application with JWT.
We’ll start by creating a JWT for the Django app. This is a one-time action for which we use a standalone Python script. We could hardcode the generated JWT into the Django app and the match address worker, but that’s unsafe, so we’ll include the tokens as settings in a safe .env
file, which we’ll process with the python-dotenv
package. Follow the next steps to generate and store the JWT:
- Create a file called
generate_token.py
in thedjango-microservices
directory with this code:1 import jwt 2...