I am performing an assignment which consists of implementing a simple ticketing system using microservices. This is the first time I deal with microservices architecture so I have quite a few doubts about it.
To summarize, the application must implement three types of roles, users, agents and administrators. The users will be able to create the tickets that will be attended by the agents and will carry out the whole process to provide a solution. Administrators will be able to manage users and generate reports.
The first question I have is about the implementation of the database. I have researched about the different approaches that exist for it, but for now the one that interests me, for the simplicity of the case (or so I think), is the database-per-service approach.
The question I have is about the information I should store in each database. For example, in the case of the database for the tickets service I have the following:
And for the users service database I have the following:
Specifically my question is about how to handle the "foreign keys" in each database. For example, in the "tickets" entity I have the user_id attribute, which corresponds to the identifier of the user who created the ticket. For now, what I plan to do is to send in a token the information with the user's identifier to the endpoints dedicated to handling the tickets. But how can I make sure that the user who makes the request actually exists, i.e. I know that authentication and authorization must be performed first, but how is this type of integrity handled in a microservices architecture.
The second question is about how to handle the authentication and authorization service and the user service (the additional information they have). That is, should they be separate services and if so, how should they be related and how should the authentication system work to obtain the users' information, that is, should they have separate databases, should they use the same database? For example, if they want to use Spring Security, should they use the same database in that service as in the service that is in charge of user management?
Thanks.