MrSandyWilly's avatar

Design principles for "web client" connecting to existing server

Hey!

I'm writing an application which is essentially a "web client" for an existing program which already has a desktop client. As such, I need to interface with the existing "hub" server which the program uses. I'm doing a frontend with Vue and Inertia.js, and the code in laravel needs to communicate with the existing "hub" (as its referred to by the company), which listens for HTTP requests.

Each client needs to first authenticate with the hub and then communicate various things from the clients to the hub.

I'm not sure how best to word this, but how would I design this "in terms of laravel"? How do you think it should work!

Thanks

0 likes
11 replies
automica's avatar

so you are looking to connect your application server to a 3rd party application server?

I would suggest you establish what Auth system your 3rd party uses. Likely that they would be implementing at least a token authentication. They give you a token and you pass it in a header with your requests to their server to authenticate.

More complicated but still supported with be to connect via OAuth https://www.varonis.com/blog/what-is-oauth but you'll need to be lead by their existing authentication.

MrSandyWilly's avatar

@automica I've already got a full ICD for the external server. It uses token based authentication.

automica's avatar

@MrSandyWilly sweet. token authentication just requires you to pass the token with a header.

In your requests to their api, you just need to add

   ->withHeaders([
                'Authorization' => 'Bearer '. $yourToken,
            ])
MrSandyWilly's avatar

@automica Thanks. I'm sorry if I wasn't really clear enough in my question, I can appreciate it was a bit vague. What I meant to ask is what laravel architecture concepts should I be building on to create these inter-server communications? How do you think the app should be keeping track of the many clients its doing comms for?

martinbean's avatar

@MrSandyWilly Sorry, but this sounds like something you’ve been tasked with in your role. You’re basically asking us to do your job and architect a solution for you.

MrSandyWilly's avatar

@martinbean is the toxicity really required when you have no clue about “the role”? What if it’s a voluntary role which I’m kindly asking for advice on - if you don’t want to offer any then that’s fine by me - I didn’t ask you specifically. I’d appreciate not receiving comments like this on a forum for HELPING PEOPLE

martinbean's avatar

@MrSandyWilly But you’re not asking for help on anything specific. You’ve come here with a vague brief and now asking everyone to fill in the specifics for you and give you a step-by-step guide for how to approach and build the project.

I also fail to see how it’s “toxic” to point out that what you’re asking is a bit too much in terms of scope for a forum where people give up their time for free. I don’t really care if the role is voluntary or not; you’re still asking people to do it for you for free.

By all means, ask questions about specific problems, but there was nothing specific about your original question at all. You posted a brief and signed it off with “How do you think it should work!” So yes, you’re asking for a whole solution to be architected.

MrSandyWilly's avatar

@martinbean I haven’t seen anything against “bigger picture” questions - isn’t this a design forum? I’ve got my own idea of how it might be accomplished, I’m looking for other peoples opinions.

automica's avatar

If I understand correctly, your app is going to get all its data from the 3rd party server and then render it to your visitors?

if you are just relaying your requests for your users, then all you need to do is to ensure you have a means for each user to login and then once authenticated, just make requests to the 3rd party via the http client, instead of loading data from your database layer.

if you need any additional functionality such as audit logs of user activity, then you'd want additional tables to store this data in in your application.

If you dont need the complexity, and your 3rd party service is doing this audit logging then your application can be pretty basic and not worry about storing any state data for the user.

It feels (on what you've already said) that all you'll need to do is get familiar with the Http client and ensure you handle the exceptions when your app isnt able to connect to the 3rd party.

MrSandyWilly's avatar

@automica Thanks a lot that helps a lot! Each request made to the server is identified using a "Session ID" - which should be the same across requests originating from the same client. Surely Laravel needs to have some way of "linking" a client and a specific session ID??

automica's avatar

@MrSandyWilly Laravel is already capable of managing to link session with user via the 'auth:web' middleware. If you implement the default login classes you'll get that out of the box.

When your client logs in you know who they are and app will start a unique session for them.

The question you need to establish is what your app needs to handle other than authenticating your user? How do you syncronise a user on your application with their equivalent user on the 3rd party application?

Please or to participate in this conversation.