
Based on the understanding, the Thrymr Team created a technical architecture and database schema for user management.

Version 1.0

Description

The following points concern JWT + Redis.
JSON Web Tokens (JWT):

We can control access to APIs deployed to API gateways using JSON Web Tokens (JWTs). When a client attempts to access an API, it must include a JWT. The resource validates the JWT with an authorization server using a corresponding public verification key. A token remains active until its set expiration date.
Even if the user has logged out on the front end and local storage has been cleared, anyone who has the token can access authenticated routes for that user until the token expires.

The solution is to save the token as blacklisted on logout in a column of the user table and use it for validation, destroying the previous token when it expires.

Pros and cons

(plus)

An in-memory store relies on main memory for data storage and is faster than database management systems that use disk-based storage.

(minus)

Redis has to be maintained solely for backend login engineering work; it serves no business functionality.

Justification for Redis

  1. Redis is an in-memory data structure store used as a database, cache, or message broker. It offers data structures such as strings, hashes, lists, sets, sorted sets, etc.

  2. We have used JWT + Redis for many projects.
    We can use any other DB to maintain blacklisted tokens, but Redis is very fast in our previous experience.

Pros and cons

(plus)

Advantages
Why Redis:

(plus)

Disadvantage:


SSO Architecture

SSO Architecture flow description:

  1. Send User Credentials and Request for token

  2. Verify Request URL

  3. It connects to the Database and verifies the user credentials

  4. Generate the JWT and return it

  5. Request the resource (API) with the JWT in the header

  6. Validate the token and check the block list

  7. Return the response

  8. Save the token into the block list when the user logs out
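
Steps 4, 6 and 8 of the flow above, with the block-list entry expiring together with the token, as an added example (not the Thrymr Team's code). Assumptions: HS256 with a shared key stands in for the public-key verification described earlier so the block needs only the standard library, the in-memory `BlockList` class stands in for Redis, the block list is keyed by a `jti` claim, and `now` is passed in explicitly; all names are hypothetical.

```python
import base64, hashlib, hmac, json, uuid

SECRET = b"constructed-demo-key"  # assumption: HS256 shared key (constructed value)

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

class BlockList:
    """In-memory stand-in for Redis: add() ~ SET jti 1 EX ttl, contains() ~ EXISTS jti."""
    def __init__(self):
        self._expiry = {}
    def add(self, jti, ttl, now):
        if ttl > 0:  # an already expired token needs no entry
            self._expiry[jti] = now + ttl
    def contains(self, jti, now):
        # An entry past its TTL counts as gone; Redis would evict the key itself.
        return self._expiry.get(jti, 0) > now

def issue(user, lifetime, now):
    """Step 4: generate a signed token with an expiry and a unique id (jti)."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": user, "exp": now + lifetime, "jti": uuid.uuid4().hex}
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"

def verify(token, now):
    """Signature, algorithm and expiry checks. Returns the claims or None."""
    try:
        header, body, sig = token.split(".")
        expected = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
        ok = hmac.compare_digest(expected, _unb64(sig))
        if not ok or json.loads(_unb64(header)).get("alg") != "HS256":
            return None
        claims = json.loads(_unb64(body))
        return claims if claims.get("exp", 0) > now else None
    except (ValueError, TypeError, AttributeError):
        return None

def authorize(token, blocklist, now):
    """Step 6: validate the token, then check the block list."""
    claims = verify(token, now)
    blocked = claims is None or blocklist.contains(claims["jti"], now)
    return None if blocked else claims

def logout(token, blocklist, now):
    """Step 8: block the token for exactly its remaining lifetime."""
    claims = verify(token, now)
    if claims:
        blocklist.add(claims["jti"], claims["exp"] - now, now)
```

Because the entry's TTL equals the token's remaining lifetime, the block list never holds more entries than there are logged-out tokens that are still unexpired.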

Database Schema V1.0

Database Schema V1.1
