Application Infrastructure and Workflow
This document outlines the infrastructure and workflow of the application, focusing on user authentication with LinkedIn, data processing with AWS Lambda and API Gateway, data storage in DynamoDB, and access control with Cloudflare Access.
Infrastructure Components
- LinkedIn: External service used for user authentication.
- Frontend Application: The client-side of the application, responsible for initiating the LinkedIn login process and displaying user-specific information.
- AWS Lambda: Serverless compute service that runs backend code in response to events such as API Gateway requests.
- AWS API Gateway: Manages and routes incoming API requests to the appropriate Lambda function.
- AWS DynamoDB: NoSQL database service used for storing user data.
- Cloudflare Access: Security service that controls who can access the application and its resources.
Workflow Steps
The frontend redirects the user to LinkedIn for authentication. After authentication, LinkedIn returns an authorization code to the frontend. Backend Processing:
The frontend sends the authorization code to the AWS API Gateway. API Gateway invokes the corresponding AWS Lambda function, passing the authorization code. The Lambda function communicates with LinkedIn to exchange the authorization code for an access token and user data. The Lambda function stores the user data in AWS DynamoDB. The Lambda function signs a JWT with the JSK and includes user-specific information. Frontend Interaction:
The Lambda function returns the JWT to the frontend through API Gateway. The frontend uses the JWT to display a personalized greeting (e.g., "Hello, [Name]"). Access Control:
For subsequent requests, the user's frontend sends the JWT with the request. Cloudflare Access validates the JWT and allows the user to access the application. This document provides a high-level overview of the application's infrastructure and workflow, ensuring a secure and efficient user authentication process and data management.