Mayank Maheshwari

How the web works 2.0 (GMAIL Authorisation)

Mayank Maheshwari's photo
Mayank Maheshwari
·

2 min read

How web works

We first write the URL of our Gmail application (gmail.com) on a web browser. It is then used by our internet service provider (ISP) which further uses DNS (Domain Name Server) for identifying the IP address of that URL to send the request (GET, PUT, POST, DELETE). After they found the IP address of that GATEWAY (server), we have the following -

GATEWAY SERVER - Web(HTTP) request is reached to the gateway server (or proxy server used to secure the system). This server identifies what type of service the user wants to do, and for that, they have a mapping table like -

Service1 - REGISTER/SIGN-UP (GET) Service2 - Delete the profile (DELETE)

Some other tasks of proxy server is -

  1. Routing request to correct handler (microservices)
  2. Secure system and block suspicious users.

Note - We can add one more server (service manager) to handle the verification of service routing tasks. The gateway server can ask the service manager to give up the required service name so that I can route the particular request to the correct handler. Shorter, the Service manager now stores all the mapping-related data. Further, it is in constant touch with the microservices(server) to see if they are dead or alive. Also, we can reduce the API calls from the gateway to the service manager by using a cache of the mapping table and storing it in the gateway server.

Microservices

See this link if you haven't checked out my microservice post Microservice.

So, Gmail.com/auth?GET#userid='mayank'+pass='bl.. reached our microservice name 'auth' with the help of gateway and service manager. This service takes the name and password from the request body and places them under databases after verification.

How two-factor authentication works - Before putting your data into the database, auth service has a verification database table for OTP with user id, verified (Initially=False), and timestamp to send you an OTP to your mobile no. or email address (whatever you selected to sign/login)using SMS service templates.

After putting the top to the verification page in the given timestamp, the user becomes verified and the verified parameter in the verification database becomes TRUE.

Done, thanks for reading.

Web Developmentwebdevsoftware developmentSystem ArchitectureProgramming Blogs