Based on the understanding, the Thrymr team created a Technical Architecture & Database Schema for user management.


Description

The following points concern JWT + Redis.
JSON Web Tokens (JWT):

Access to APIs deployed to API gateways can be controlled using JSON Web Tokens (JWTs). When a client attempts to access an API, it must include a JWT. The resource validates the JWT with an authorization server using a corresponding public verification key. A token remains active until its set expiration date.
Even if the user has logged out on the front-end and local storage has been cleared, anyone who has the token can access authenticated routes for that user until the token expires.

The solution is to save a blacklisted token on logout in a column of the user table and use it for validation, destroying the previous token when it expires.

Pros and cons

(plus)

...

An in-memory database relies on main memory for data storage and is faster than database management systems that rely on disk storage.

(minus)

Redis is maintained only for backend login engineering work, not for any business functionality.

...

Justification for Redis

...

  1. Redis is an in-memory data structure store used as a database, cache, or message broker. It supports data structures such as strings, hashes, lists, sets, sorted sets, etc.

  2. We have used JWT + Redis for many projects.
    Any other database could maintain the blacklisted tokens, but in our previous experience Redis is very fast.

Pros and cons

(plus)

Advantages
Why Redis:

(plus)

Disadvantage: Redis is maintained only for backend login engineering work, not for any business functionality.

...

Database Schema

...

Vineet Singh, DB schema added above. Please share your comments.