-
-
Notifications
You must be signed in to change notification settings - Fork 556
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add the flexibility of multiple roles #349
Comments
@njhargis sounds good! You're very wellcome to fork the repo, create a branch for the roles implementation, and a PR. If the roles implementation will end-up simple enough, yet generic and flexible, we may decide to merge it into the main branch, alternatively we can leave it as an example branch. A few things to note:
For example, if the list of roles will be included into the authentication (JWT) token, it may look like this: {
"iss": "https://examle.com",
"aud": "https://example.com",
"sub": "123456",
"exp": 1499863217,
"roles": ["owner"]
} If authentication is implemented at the application level, it may look something like this: async resolve(self, args, ctx) {
if (!ctx.user) {
throw new Unuthorized();
}
if (!ctx.user?.roles.some(role => "editor")) {
throw new Forbidden();
}
...
} The list of roles may look something like this: export const userRoles = [
{ role: "owner", name: "Owner" },
{ role: "editor", name: "Editor" },
{ role: "collaborator", name: "External Collaborator" }
];
Further reading |
I have code that creates roles, and users can have multiple roles. It also checks if they have the administrator role, rather than using a flag on the user row.
If this is useful to add to the template, let me know and I can add it through a PR.
The text was updated successfully, but these errors were encountered: