I want to do a web page with several endpoints, each endpoint correspond to a full functional API with front and back (its own requests).
My porpoise is have a main web server that redirects you to the other APIs but with login security, meaning that once you try to go to an endpoint if you are not logged in it will redirect you to a login endpoint where is an API in charge of generate a token. Also all the APIs should not being accessible without go through the main web server.
Until now i have done it with Tornado Python for the main server using get_secure_cookie and set_secure_cookie for the security handle the token from the login API, also everything is in kubernetes for control what is expose to the outside and what doesn't.
For redirect to the API i create a specific handler for each api redirecting all their endpoints, but this generate a problem with css files, since, if this is my handler:
import requests
import tornado.web
class api1handler(tornado.web.RequestHandler)
def get(self, key):
r = requests.get("http://path_to_kubernete_service:port/key")
self.write(r.text)
When the API's front request the css file it doesn't charge because tornado reads it as plain text.
Also some API's have complex requests with several post and get endpoints
My questions are:
How to handle css files problem or how to handle them in my context Is there any form for handle correctly redirection of requests.
Apart from all this, is my approach correct and/or optimal? A better approach? I am open to all kind of advices.
Aucun commentaire:
Enregistrer un commentaire