This document details the API Gateway service, a central component of the space trader elite-style backend. The gateway acts as a single entry point for all client requests, routing them to the appropriate microservice.
The API Gateway is built using ASP.NET Core with the YARP (Yet another Reverse Proxy) library. Its primary functions are:
The core functionality of the gateway is configured in the appsettings.json file, which defines the routing rules and cluster destinations for each microservice.
The Jwt section defines the settings for handling JSON Web Tokens.
appsettings.json
{
"Jwt": {
"Key": "super-secure-secret-key-change-me-super-secure-secret-key-change-me",
"Issuer": "AuthService",
"Audience": "ClientApp",
"ExpiresInMinutes": 15,
"RefreshTokenExpiresInDays": 7
},
// ...
}
The gateway uses these settings to validate incoming JWTs, ensuring they are issued by the correct authority (AuthService) and intended for the correct audience (ClientApp).
The ReverseProxy section is where routes and clusters are defined, telling the gateway how to forward requests to the downstream services.
appsettings.json
"ReverseProxy": {
"Routes": {
"ROUTE1": {
"ClusterId": "CLUSTER_GALAXY",
"Match": {
"Path": "/galaxy/{*remainder}"
}
},
// ... other routes
},
"Clusters": {
"CLUSTER_GALAXY": {
"Destinations": {
"destination1": {
"Address": "http://moe_galaxyservice:8080/api/"
}
}
},
// ... other clusters
}
}
This configuration routes any request matching the path /galaxy/{*remainder} to the CLUSTER_GALAXY. The CLUSTER_GALAXY is then configured to forward the request to the specified destination address, in this case, http://moe_galaxyservice:8080/api/.
The API Gateway exposes a single, unified API surface. Requests are routed to the appropriate microservice based on the URL path.
/auth/{*remainder}
Routes requests to the Authentication Service. This would typically be used for user login, registration, and token management.
| Parameter | Type | Description |
|---|---|---|
{*remainder} |
string | The rest of the path after /auth/, which is forwarded to the auth service. |
/galaxy/{*remainder}
Routes requests to the Galaxy Service, likely for retrieving information about planets, systems, or star charts.
| Parameter | Type | Description |
|---|---|---|
{*remainder} |
string | The rest of the path after /galaxy/. |
/market/{*remainder}
Routes requests to the Market Service, which manages trade goods and market prices for various planets.
| Parameter | Type | Description |
|---|---|---|
{*remainder} |
string | The rest of the path after /market/. |
/mission/{*remainder}
Routes requests to the Mission Service, used for managing and accepting missions.
| Parameter | Type | Description |
|---|---|---|
{*remainder} |
string | The rest of the path after /mission/. |
/player/{*remainder}
Routes requests to the Player Service, for managing player data, inventory, and stats.
| Parameter | Type | Description |
|---|---|---|
{*remainder} |
string | The rest of the path after /player/. |
/ship/{*remainder}
Routes requests to the Ship Service, for managing player ships, upgrades, and cargo.
| Parameter | Type | Description |
|---|---|---|
{*remainder} |
string | The rest of the path after /ship/. |
The gateway defines several authorization policies based on user roles, which are extracted from the JWT.
These policies can be applied to specific routes in the appsettings.json file to restrict access to certain services.
The service includes a Dockerfile for containerization. The build process uses a multi-stage build:
mcr.microsoft.com/dotnet/sdk:9.0 image to restore dependencies and publish the application.mcr.microsoft.com/dotnet/aspnet:9.0 runtime image, copying only the published application files to create a small and secure final image.