We are a set of full-stack developers who use Java Spring Boot and MySQL to develop backends with JWT authentication, and VueJS / ReactJS to develop single-page frontends. We have also used Laravel views to develop our frontend applications to work with external APIs.
Recently we have been given a project that requires us to use AEM for the development of a customer portal that allows customers to register with a mobile number and OTP, view and manage their profile, and send service requests to administrators. There also has to be a separate admin portal which allows the administrators to log in, see customer requests and do other administration work.
The system uses a lot of third-party APIs from different services, and we want to manage everything using a single backend. Following is the architecture we are planning to develop.
My questions are:
1. Is this a correct approach when developing with AEM as we are not utilizing many CMS features of it?
2. Since REST APIs are being used, what are the methods that we can use which also cater to JWT-based authentication? (e.g. how to save the user token, manage state, etc.)
Based on the client policies, we have to use AEM for any frontends and Managed SQL (provided by them) for the database.
1. Use AEM only as a CMS, not for the frontend. From the AEM side, make an API call to get the very little data to be consumed by the server side, and for the rest of the data, provide the required information in the form of a window object to the frontend.
2. Use React to make the API call based on the data provided by AEM to generate the look and feel of the frontend.
Server-side calls are expensive.
You can use some middleware like Apigee to accomplish your API security needs.
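
A sketch of points 1 and 2 of the answer above, added here as an example and not code from either poster: the React side validates the configuration AEM exposes on the window object, and attaches the JWT only to requests that resolve to the configured API origin. The names `__PORTAL_CONFIG__`, `apiBase` and the sample URLs are assumptions, and holding the token in memory is one option among several.

```javascript
// Constructed sample of what the AEM page might expose on window (assumed shape).
const sampleWindow = {
  __PORTAL_CONFIG__: { apiBase: "https://api.example.test/portal/", locale: "en" },
};

// Validate the AEM-supplied config before the frontend trusts it.
function readPortalConfig(win) {
  const cfg = win && win.__PORTAL_CONFIG__;
  if (!cfg || typeof cfg.apiBase !== "string") {
    throw new Error("portal config missing or malformed");
  }
  const base = new URL(cfg.apiBase); // throws on an unparsable URL
  if (base.protocol !== "https:") {
    throw new Error("apiBase must use https");
  }
  return Object.freeze({ apiBase: base.href, origin: base.origin });
}

// Keep the JWT in a closure so it is not written to persistent browser storage.
function createTokenStore() {
  let token = null;
  return {
    set(value) { token = value; },
    get() { return token; },
    clear() { token = null; },
  };
}

// Build the request description a React component would hand to fetch().
// The Authorization header is added only when the resolved URL stays on the
// configured API origin, so a path such as "//other.host/x" never carries the token.
function buildApiRequest(config, path, tokenStore) {
  const url = new URL(path, config.apiBase);
  const headers = { Accept: "application/json" };
  const token = tokenStore.get();
  if (token && url.origin === config.origin) {
    headers.Authorization = `Bearer ${token}`;
  }
  return { url: url.href, headers };
}

// Usage inside a component: const r = buildApiRequest(cfg, "profile", store);
// then fetch(r.url, { headers: r.headers }).
```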