How to do SSO single sign-on based on Unified Gateway

problem description

suppose there are two systems, AGramb, and a sso service, which are developed separately from the front end. The front end accesses the interface through the gateway. Here I use spring cloud gateway. My idea is that all interface requests are judged by token (jwt) at the gateway layer. If the token is verified by the sso service in the request header, it is successfully forwarded to the real business service. If not, redirect to the sso login page. After logging in, sso stores token in redis

the environmental background of the problems and what methods you have tried

at this time, the user clicks on a link www.a.com/order of system a, and there are many API requests on this page, or there may be no
question 1: for the interface request, you can judge at the gateway. What if it is a simple front-end link? I mean, suppose you have logged in at b, but now the request cannot reach the backend

.

ignore question 1. Suppose the user logs in to system a, user token is cached in sso, and user id returns to system a. Later a system requests all carry token. Now the user accesses the interface in system b. My idea is that the front end passes user id,sso to query token with user id as key, and then passes and returns the request to system b. In this way, system b can also take token to request
question 2: how does system b transmit user id? at first, system b does not have any user information, where does this user id come from

the above is my idea of realizing sso. I feel that there are still many questions. If you have a mature plan (preferably at the production level), please deny it directly and give your answer

.
Jun.14,2022

if the front and rear ends are separated, each time you open a web page with a browser, you will get the information of the current user from the sso service. At this time, you can know whether the user has logged in, and then add the verification of login permissions to the route.


sso requires a separate account system. When there is no token at the front end, jump to the account system. After logging in, the account system stores token storage in some way and jumps back to the current system with token.

sso is also called single sign-on

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1e4baa5-4c558.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1e4baa5-4c558.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?