Microservices with deno

Proof of concept microservices project with Deno.

Installation

• download vscode.
• install Docker.
• install vscode remote container extension.
• clone this repository.
• open repository folder in vscode dev container.
• run script ./certificates.sh to generate public certificate and private key for localhost domain.

Using

• run script ./starting.sh.
• run http request step by step starting with .http-client/identity.http and then notifications.http and loans.http.

Description

• identity microservice: identity api [support/public].
  • register account.
  • change account password.
  • login user.
  • register activation link and send an activation link email to notification service.
  • use activation link to activate account.
  • generate jwt authentication token [testing purpose].
  • get activation link [testing purpose].
• loans microservice: loans api [business/public].
  • register contract and calculate interest rate.
  • approve contract.
  • reject contract.
• notifications microservice: notifications api [support/private].
  • register notifications.
  • send notifications to external services.
• monitor microservices: monitoring api [support/public].
  • monitor microservices health (live health).

Observations

• std-modules contains independent standard modules (some depending only on std-errors).
• webapi-modules contains webapi modules shared by all microservices.
• identity microservice use mediator to publish internal messages and to chain message handlers. Use scheduler to resume failed handled messages.
• loans microservice use in-process caching for discout and interest types [rarely changed].
• notifications microservice use jwt authentication with tokens generated by identity microservice. Like identity microservice use mediator to chain message handlers.
• identity microservice and monitor microservice use resilient fetch to communicate with other microservices.
• idempotency is implemented by all message handlers and by notifications microservice endpoint to deduplicate notifications.

Security

• public microservices use cookie as authentication mechanism.
• private microservice(s) use jwt as authentication mechanism.
• microservices use a distributed authorization mechanism based on account roles.
• public microservices use rate limiting per ip/global to avoid dos/ddos attacks.
• db queries use parameters [no sql query concatenations].
• use encryption key to encrypt/decrypt authentication/identity cookies.
• use signing key to sign/verify jwt authentication/identity tokens.

wip [cors, http cache, logging]