https://supertokens.com/ logo
a

aV

06/08/2022, 3:40 AM
@rp is grpc golang example ready
r

rp

06/08/2022, 4:13 AM
Hey!
I don’t think we can directly support grpc cause we rely on cookies for sessions to work
a

aV

06/08/2022, 4:20 AM
I have a 2 microservices ready in golang micro framework which relies on grpc. What I want is that only logged in users can use the two microservices . What should be the flow?
please guide
r

rp

06/08/2022, 4:27 AM
Are those micro services being called by the frontend or another backbench service?
a

aV

06/08/2022, 12:33 PM
for now directly but in the future I am planning to use an api gateway that will proxy the requests. Micro framework makes the services written available on single endpoint with different path. Say localhost:8080/user and localhost:8080/profile If grpc was supported I would have made another service at localhost:8080/auth for supertokens.
r

rp

06/08/2022, 12:33 PM
hmm. So our Auth APIs are all http
a

aV

06/08/2022, 12:33 PM
Yes
r

rp

06/08/2022, 12:33 PM
if you like, you can enable JWT for our sessions, and then send the JWT from the frontend to the grpc services.
i doubt it will be possible to do our access / refresh session flows with grpc without lots of customisations.
so the best solution is to go the JWT route
a

aV

06/08/2022, 12:38 PM
Micro exposes services at localhost:8080 as http consumption and localhost:8081 for grpc consumption. Would it not be possible to expose supertokens at Port 8080? I suggest you to check micro.dev first and see if something is possible otherwise I will go for the JWT route definitely.
r

rp

06/08/2022, 12:39 PM
it would be possible to expose supertokens on 8080
butt he APIs for GRPC won't be able to do session verification in the default supertokens way
so for those, i suggested using JWTs
a

aV

06/10/2022, 5:21 PM
Is there any security issue with this approach? Also can you add an example implementing the same
r

rp

06/10/2022, 5:49 PM
Security issues are the same as that that come along with using a JWT.