The minos-kong plugin offer an interface that permit integrate Minos Microservice with Kong API Gateway
Project description
minos-kong
Summary
Pre-Alpha release, use at your own risk Minos Kong is a plugin that integrate minos micorservices with Kong API Gateway
Installation
Install the dependency:
pip install minos-discovery-kong
Modify config.yml
file:
...
discovery:
client: minos.plugins.kong.KongDiscoveryClient
host: localhost
port: 8001
...
How to
The above configuration is sufficient for the microservice to subscribe on startup and unsubscribe on shutdown. Therefore, all you would have to do would be to make your requests against:
http://localhost:8000/your_endpoint
Kong official documentation
Official docs
You can get read the official docs here.
Postman
You can get the official postman collection for postman here.
Konga - Administrative interface
For development purposes you can add open-source administrative section by using next docker service:
services:
...
konga:
image: pantsel/konga
ports:
- 1337:1337
links:
- kong:kong
container_name: konga
environment:
- NODE_ENV=production
Authentication
Modify config.yml
file. Add new middleware and modify discovery section:
...
middleware:
...
- minos.plugins.kong.middleware
discovery:
connector: minos.networks.DiscoveryConnector
client: minos.plugins.kong.KongDiscoveryClient
host: localhost
auth-type: basic-auth
port: 8001
...
Currently, there are 2 possible types of authentication:
basic-auth
jwt
For the route to be authenticated with the method specified above, a parameter called authenticated
must be passed:
class CategoryCommandService(CommandService):
@enroute.rest.command("/categories", "POST", authenticated=True, authorized_groups=["super_admin", "admin"])
@enroute.broker.command("CreateCategory")
async def create_category(self, request: Request) -> Response:
try:
content = await request.content()
category = await Category.create(**content)
return Response(category)
except Exception:
raise ResponseException("An error occurred during category creation.")
If authorized_groups
is also specified, this means that ACL will be enabled for that path and only users in the specified group will be allowed access.
Example of how to create a user and add them to a group:
from minos.common import (
NotProvidedException,
Config,
Inject,
)
from minos.cqrs import (
CommandService,
)
from minos.networks import (
Request,
Response,
enroute,
)
from ..aggregates import (
Role,
User,
)
from minos.plugins.kong import KongClient
class UserCommandService(CommandService):
"""UserCommandService class."""
@enroute.rest.command("/users", "POST")
@enroute.broker.command("CreateUser")
async def create_user(self, request: Request) -> Response:
"""Create a new ``User`` instance.
:param request: The ``Request`` instance.
:return: A ``Response`` instance.
"""
content = await request.content()
active = True
if "active" in content:
active = content["active"]
user = User(
name=content["name"],
surname=content["surname"],
email=content["email"],
telephone=content["telephone"],
role=content["role"],
active=active,
)
await user.save()
kong = KongClient(self._get_kong_url())
consumer_raw = await kong.create_consumer(username=f"{user.name} {user.surname}", user=user.uuid, tags=[])
consumer = consumer_raw.json()
basic_auth = await kong.add_basic_auth_to_consumer(username=f"{user.name.lower()}_{user.surname.lower()}",
password=content["password"], consumer=consumer["id"])
acl = await kong.add_acl_to_consumer(role=user.role.name.lower(), consumer=consumer["id"])
return Response(user)
@staticmethod
@Inject()
def _get_kong_url(config: Config) -> str:
"""Get the service name."""
if config is None:
raise NotProvidedException("The config object must be provided.")
return f"http://{config.get_by_key('discovery.host')}:{config.get_by_key('discovery.port')}"
Generate JWT example:
from minos.common import (
UUID_REGEX,
NotProvidedException,
Config,
Inject,
)
from minos.cqrs import (
CommandService,
)
from minos.networks import (
Request,
Response,
enroute,
)
from ..aggregates import (
Role,
User,
)
from minos.plugins.kong import KongClient
class UserCommandService(CommandService):
"""UserCommandService class."""
@enroute.rest.command(f"/users/{{uuid:{UUID_REGEX.pattern}}}/jwt", "POST", authenticated=True, authorized_groups=["admin"])
@enroute.broker.command("GetUserJWT")
async def create_user_jwt(self, request: Request) -> Response:
params = await request.params()
uuid = params["uuid"]
user = await User.get(uuid)
if user.uuid == request.user:
kong = KongClient(self._get_kong_url())
jwt = await kong.add_jwt_to_consumer(request.headers.get("X-Consumer-ID"))
return Response(jwt.json())
else:
return Response(status=404)
@staticmethod
@Inject()
def _get_kong_url(config: Config) -> str:
"""Get the service name."""
if config is None:
raise NotProvidedException("The config object must be provided.")
return f"http://{config.get_by_key('discovery.host')}:{config.get_by_key('discovery.port')}"
You can get read the official docs here.
Documentation
The official API Reference is publicly available at the GitHub Pages.
Source Code
The source code of this project is hosted at the GitHub Repository.
Getting Help
For usage questions, the best place to go to is StackOverflow.
Discussion and Development
Most development discussions take place over the GitHub Issues. In addition, a Gitter channel is available for development-related questions.
License
This project is distributed under the MIT license.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for minos-discovery-kong-0.7.0.dev1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | fd8e0b09aae2b9e5d1883670ce8ae1bec9fc1a7a9dddc6064db3840bc67c5af9 |
|
MD5 | a32985d672d815b25a28c37e1ed6dcac |
|
BLAKE2b-256 | 0c054c44ff266f3a3492e53529422eb9deeeee5d241e581bf87a5fd6f905eecf |
Hashes for minos_discovery_kong-0.7.0.dev1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2187b6739edfd5a777dab51e14af3bc3d2d7eae201b77cea79c831e5295f2395 |
|
MD5 | 37bac6c51cbedc4c0617517418339eec |
|
BLAKE2b-256 | efce1bb072a9095e4c1e08b9452569fc6513bc8be4cc31916b0e0e62770028fc |