Client profile of Vet Clinic Microservices DDD Node Typescript React MongoDB

Improve Auth, API Gateway, client context, and pets CRUD
Added HTTP cookies and JWT authentication
Updated CORS configuration
Modified API Gateway mapping
Adjusted client-microservice bounded context
Added pets with awards to client model
Updated front-end (Redux, profile.tsx, pets CRUD)
Modified login flow

The project is currently under development, and the most recent commit focuses on strengthening authentication, refining the API gateway, improving service boundaries, and expanding the client and pets functionality.

In this update, JWT based authentication was introduced to provide secure, token-driven access management. Tokens are now stored in HTTP-only cookies, which prevents them from being exposed to client-side scripts and reduces the risk of XSS attacks.

On top of that, role-based authorization has been implemented to give users access only to the operations they are allowed to perform.

The security posture of the system was also enhanced by tightening CORS rules to restrict which origins can call the APIs, adding input validation to prevent injection attacks, and ensuring secure headers are consistently applied through the proxy and services.

From an architectural perspective, the API Gateway mapping was modified to improve routing and request handling, while the client microservice bounded context was adjusted to achieve a clearer separation of responsibilities. On the domain side, pets were added to the client model, now supporting awards, with full CRUD operations exposed for management.

On the frontend, Redux was updated to accommodate these new features, profile page was modified to display pets and awards, and the login flow was reworked to align with the new authentication approach using cookies and JWT.