2025-12-24
Authentication Service
Now that I have a couple of applications that I want to use from the public internet, it means it's time to really look at authentication and what it means.
I don't want each of my projects to build their own auth logic. I'd rather they build their own system to manage user data but the actual control of who can use what and what they have permission for should be in one central location.
This means that I want an authentication server that all my projects can connect to and get information from.
I'm picturing an authentication app that is running that I can add as a auth request in nginx. In nginx, each project would get its auth set to the auth service. This way nginx will ask my auth server to validate the request, if its good it can then get proxy passed to the right place.
The project can then take that jwt and decode it. By virtue of the request making it and the jwt being decodable means that we have a valid request and then the project can do whatever it wants with it.
The auth service should provide a login page, a list of users with the ability to edit or add new users. The users should be able to get access to applications and the level at which they have access.
I want there to be 2 levels, user and admin.
Now that I'm at this point, I don't want to vibe code this part of the project. I think doing Let's Go was great to help me get started with using go and relying on it for building my first two applications. Now it makes sense to read the second book and building the auth service myself. Once I do that I can trust that at least if a request makes it to my projects, then its a trustworthy request.
This way the projects could be hacked but at least it's by someone I trust rather than accidently screwing up the authentication.