2

Our team has hired freelancers for creating a website. They did their job well, but now we want to add services for our core product using different server and technologies, but we want user identities to remain the same on the website as well as on the mobile application that will be using these services.

Possible solution I can think of:

1) Run these software under same machine with different port using same database.

2) One of these software access database remotely.

3) API between them, but disadvantage is that data may not be consistent between databases.

What is the best solution? Am I missing something?

wigy
  • 153
  • 7
8bra1nz
  • 259
  • 1
  • 8
  • 1
    What kind of user store are you using? LDAP, Active Directory, a table on the database? – Zalomon Mar 06 '17 at 13:27
  • @Zalomon Database table – 8bra1nz Mar 06 '17 at 13:38
  • 1
    I'd go with 2, set the user database in some place that is accesible to both and handle it. In fact I'd use an API to handle authentication and user management so there's a single entry point to that and the database part is transparent to the user. – Zalomon Mar 06 '17 at 15:37

1 Answers1

1

Do either of the applications have an API? If so, creating a synchronization script (Option 3) would be the cleanest and most upgrade proof. You'd want to consider how often this should synchronize. Is daily enough, hourly? What happens if a user changes information on both applications in that same window?

I can't provide additional advice on how to accomplish this without knowing the applications in use.

If one or both is custom built and you have easy database connections for both DB servers and simple security, having them share a user table might be most practical. That is a lot of ifs, so again, would need more details to provide best advice on this path.

Steve Robison
  • 21
  • 1
  • One is back-end for website running on Nginx, PHP, Laravel. Second is Java web service (RESTful) running on AWS. I think periodical synchronization is not an option because user has to wait some time after registration that way, also it it'll be harder to scale just one server without scaling another. – 8bra1nz Mar 06 '17 at 14:02
  • Synchronization can be as quick as every 5 minutes, so it depends on how real time you really need. If using the same database for authentication is an option, then your best bet would be to have the Laravel app use the Java db. While not the purest approach, it can be practical. Can the session be shared across both apps? Is it on the same domain? The type of session each system uses (cookie/db, file, redis, etc) may limit your options here. Adjust the user section in the Laravel app so that either it updates the Java app user table, or possibly just links to Java app user section. – Steve Robison Mar 06 '17 at 15:14
  • 1
    If your Java app is using Spring Security for authentication (which is very likely), then it's the work of moments to set it up as an OAuth server. I'm not familiar with laravel, but if it doesn't have an oauth client integration module I'd be shocked. Linking them could be almost trivial. – Jules Jun 04 '17 at 15:21