Thread
#general
    aV

    aV

    3 months ago
    @rp is grpc golang example ready
    r

    rp

    3 months ago
    Hey!
    I don’t think we can directly support grpc cause we rely on cookies for sessions to work
    aV

    aV

    3 months ago
    I have a 2 microservices ready in golang micro framework which relies on grpc. What I want is that only logged in users can use the two microservices . What should be the flow?
    please guide
    r

    rp

    3 months ago
    Are those micro services being called by the frontend or another backbench service?
    aV

    aV

    3 months ago
    for now directly but in the future I am planning to use an api gateway that will proxy the requests. Micro framework makes the services written available on single endpoint with different path. Say localhost:8080/user and localhost:8080/profile If grpc was supported I would have made another service at localhost:8080/auth for supertokens.
    r

    rp

    3 months ago
    hmm. So our Auth APIs are all http
    aV

    aV

    3 months ago
    Yes
    r

    rp

    3 months ago
    if you like, you can enable JWT for our sessions, and then send the JWT from the frontend to the grpc services.
    i doubt it will be possible to do our access / refresh session flows with grpc without lots of customisations.
    so the best solution is to go the JWT route
    aV

    aV

    3 months ago
    Micro exposes services at localhost:8080 as http consumption and localhost:8081 for grpc consumption. Would it not be possible to expose supertokens at Port 8080? I suggest you to check micro.dev first and see if something is possible otherwise I will go for the JWT route definitely.
    r

    rp

    3 months ago
    it would be possible to expose supertokens on 8080
    butt he APIs for GRPC won't be able to do session verification in the default supertokens way
    so for those, i suggested using JWTs
    aV

    aV

    3 months ago
    Is there any security issue with this approach? Also can you add an example implementing the same
    r

    rp

    3 months ago
    Security issues are the same as that that come along with using a JWT.