Application Architecture

paulscherrerinstitute / alphafold-on-fire

GNU General Public License v3.0

1 stars 3 forks source link

Application Architecture #3

Open pozsa opened 3 years ago

pozsa commented 3 years ago

This issue is meant to document our initial decisions regarding the architecture of the application.

Auth related:

external OIDC auth service to be used
backend receives and does authn and authz based on JWT tokens
apps are configured with accepted OIDC service providers via env vars
web frontend to use auth code + pkce grant flow (all endpoints implemented on the frontend)
sdk frontend to use resource owner password credentials grant flow

pozsa commented 3 years ago

Are we all in agreement that we go for separate frontend and backend from the get-go? (i.e. minimal server-side rendering if any) Do we want an SPA (single page application)?

I wouldn't break down the backend into smaller microservices. Authn and authz are already separate components which is good. I think the rest we can keep as a monolith. Any thoughts on this?

sbliven commented 2 years ago

Agree with single backend service (I'm not sure we'll have enough endpoints to qualify as a 'monolith')

I think SPA is a bad design, both for development and for users.