Comments (9)
Hi prashid!
If you want to eliminate access levels you could do a bitwise OR to combine all the user roles you want to allow to calculate the access level on the fly. So your routes which have access level user
(= 110) could be declared as userRoles.user | userRoles.admin
(010 | 100 = 110) instead. It's really a matter of taste, but I prefer declaring access levels up front.
PS! I just pushed a commit 41037bf wherein I make the declaration of access levels much more readable. So now I declare my access levels like so:
exports.accessLevels = {
public: userRoles.public | userRoles.user | userRoles.admin,
anon: userRoles.public,
user: userRoles.user | userRoles.admin,
admin: userRoles.admin
};
Hopefully that makes it easier to work with?
from angular-client-side-auth.
Thanks alot for you help. I will look into it and get back to you if anything related to it. Thanks again.
from angular-client-side-auth.
Alright, I'll go ahead and close this issue, but feel free to reopen it if you encounter any related problems.
from angular-client-side-auth.
Hi, I have 2 questions.
What this code do?
public: userRoles.public | userRoles.user | userRoles.admin,
| is OR sign?
When this path is triggered
// User resource
{
path: '/users',
httpMethod: 'GET',
middleware: [ensureAuthenticated, ensureAuthorized, UserCtrl.index],
accessLevel: accessLevels.admin
},
Thanks
from angular-client-side-auth.
One more question with the above questions.
If I want to use CSRF in you app than need to create another cookie for that like below to make it work?
res.cookie('XSRF-TOKEN', req.session._csrf);
from angular-client-side-auth.
|
in Javascript does a Binary OR of the specified operands, so public: userRoles.public | userRoles.user | userRoles.admin
computes an access level based on the user roles I've specified earlier. Basically, I'm just listing up all the user roles I want to be authorized for the given access level.
As for your second question, yes, you will have to set the CSRF cookie separately. If you're using Node.js/express, you can do this using the express.csrf()
middleware.
from angular-client-side-auth.
Thanks for the reply.
And when this path is triggered. I don't see anything related to /users. Is it specific to passport?
// User resource
{
path: '/users',
httpMethod: 'GET',
middleware: [ensureAuthenticated, ensureAuthorized, UserCtrl.index],
accessLevel: accessLevels.admin
},
from angular-client-side-auth.
Ah, I forgot to respond to that. That route is just to serve up a JSON feed listing the registered users. In the example app it's called via an AJAX request on the "admin" page. You can access this route directly in your browser by visiting http://your-url-here/users.
By the way, I just merged a pull request from @derekbarnhart, in which he makes it a lot easier to work with user roles and access levels. So if you check out routingConfig.js you will see that you don't have to bother with bit masks anymore, but can just declare your roles and access levels using strings instead. Hopefully that will make it a little easier to work with :)
from angular-client-side-auth.
Thanks. Got the new changes. Will be in touch.
from angular-client-side-auth.
Related Issues (20)
- Replace $cookieStore to $cookies HOT 1
- I am new to npm and angular, I tried on windows 8.1, i was able to complete npm install, but npm start gave error HOT 1
- Server depends on a file located in the client directory HOT 1
- book mark HOT 2
- npm install throwing me to include npm-debug.log
- react js issue
- npm run build error HOT 3
- Can't start the "npm run dev" on my ubuntu 17.10 Laravel 5.5
- I am new with Node and it gives me error whenever i run npm start command.Can anyone please help me....
- i have error when i write npm start
- I'm new with Node
- Unresolved variable or type routingConfig HOT 2
- Google Logout HOT 2
- How about using JWT instead of cookies HOT 5
- "data.access" in toState is always false HOT 2
- Integration with Django HOT 3
- Social sites login
- Question about passing the user to HTTP GET * HOT 1
- Use ng-if instead CSS HOT 5
- any sample with asp.net mvc HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from angular-client-side-auth.