preface

In order to ensure that the gRPC service will not be monitored and called by a third party and prevent the communication from being tampered or forged, it is necessary to add an authentication mechanism to the gRPC service

Currently, gRPC has three built-in authentication mechanisms:

• SSL/TLS : gRPC integrates SSL/TLS and advocates the use of SSL/TLS to authenticate the server and encrypt all data exchanged between the client and the server. At the same time, the client can optionally provide a certificate for mutual verification
• Token based authentication GRPC provides a mechanism for attaching metadata based credentials to requests and responses This mechanism must be used together with SSL/TLS to provide complete authentication and encrypted communication
• ATLS : Google's own two-way authentication and transmission security system is usually used to build services on Google's platform

This article introduces SSL/TLS in gRPC

Protocol Buffers

Protocol Buffers (Protobuf) is a language independent, platform independent and extensible method for serializing structured data. It can be used for data communication between programs like XML and json Compared with the above two, Protobuf has higher efficiency

Using Protobuf requires .proto Define the data structure in the file, and install its compiler to generate the model of the corresponding language This paper takes Go as an example

Felt it was not as good as compiling and installing

The environment management of Python is really troublesome, and incompatibilities between versions will occur, so it is necessary to know how to install different versions of Python and manage their environment

The system environment of this paper is Debian11, and the virtual environment tool uses venv, which adopts the compilation and installation method Python version is 3.11.6

What is JWT

JWT: JSON Web Tokens, It is a standard for encoding JSON objects into long strings that have no spaces and are difficult to understand. Specifically, it is a string. The following is an example given in the FastAPI document

 eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

Think of it abstractly as

 aaaaaaaaaaaa.bbbbbbbbbbbb.cccccccccccc

What is Dependency Injection {lang="zh CN"}

What is "Dependency Injection" {lang="en"}

::: zh-CN

Dependency injection in programming is a way to declare the "dependencies" needed or to be used by the code (path operation function in this article) to run.

Then, the system (FastAPI in this article) is responsible for executing any required logic and providing the code with these dependencies ("injection" dependencies).

Dependency injection is commonly used in the following scenarios:

• Share business logic (reuse the same code logic)
• Shared database connection
• Implement security, authentication, role permissions, etc

The above scenarios can use dependency injection to minimize code duplication.:::

::: en

"Dependency Injection" means, in programming, that there is a way for your code (in this case, your path operation functions) to declare things that it requires to work and use: "dependencies".

And then, that system (in this case FastAPI) will take care of doing whatever is needed to provide your code with those needed dependencies ("inject" the dependencies).

This is very useful when you need to:

• Have shared logic (the same code logic again and again).
• Share database connections.
• Enforce security, authentication, role requirements, etc.
• And many other things...

All these, while minimizing code repetition. :::