API Gateway

API gateway is a HTTP server that handles incoming HTTP traffic and transforms those to bus message model and publishes those on the message bus.

It is a core service in Fruster and is quite literally the gateway into the cluster from the outside world.

Note that API Gateway has no built in support for SSL, so if SSL is used (which you should) it needs to be terminated for example on load balancer before entering the API Gateway.

How it works

1. HTTP request is handled by API Gateways HTTP server
2. HTTP request is translated into a fruster request and a subject
3. API Gateway publishes message on the bus and will return response back to client

Authentication

API Gateway will automatically attempt to decode any JWT token (cookie or header) and get the user so that it is exposed in user attribute in the inbound fruster request.

This is done by invoking Auth Service which will validate and decode the token and, if needed not, fetch user including scopes from User Service.

Websockets

TODO

Multipart upload

TODO