I am looking for help on the Keycloak implementation part of my project.
- 3 independent GraphQL (Graphene) APIs written in Python using Django.
- 3 Client side frontends in React using Apollo client.
- 1 Client side frontend in React dedicated to login and user account (please see Note 1).
- Keycloak for Authorization and Authentication.
I’ll need your help to:
- Set up a client in the Keycloak UI for both the client side frontend and the backend Django API.
- Backend: Build a Python decorator that takes a string (the permission name) as a parameter, validates the Keycloak token received from the frontend request, and checks if the user has the required permission to perform the action.
- Frontend: Please see Note 1. Basically all that Keycloak does during user authentication: authenticates the user, adds the token securely in the user’s browser cookies, redirects the user back to the service page. Retrieve user information, update user information, and obviously log out.
Note 1: This is my idea and I’m open to suggestions. It does not need to be in React nor client-side at all, though I do need to be able to:
- Customize login and user account pages completely
- Have the user account management outside of the services' domains (e.g. [login to view URL])
- Not exposing Keycloak's pages is preferable.
These frameworks I am using are popular and the nature of my job request is not directly related to my code. I’d ask you to develop on your own and walk me through its implementation.