Reputation: 201
NodeJS Passport: Possible to authenticate roles?
I have node.js and passport working, using passport.js docs.
My question is, can I authenticate differently, using a LocalStrategy for different roles?
I have regular users, and admin users, and of course, some pages are only for admins.
Upvotes: 1
Views: 2890
Answers (2)
Reputation: 9636
Your have to design your database in a manner where you can remember if user is a admin or regular users etc (i.e you will have to make the data persist).
Now as to how to use this local strategy? I really doubt you need that in local strategy unless you are looking for your user to login every time he requests a new page with his username and password. You should be using sessions, you could add a special special req.role in user de-serialize method.
Now for every view you need to check whether the user's role allow him to view it or not? You can define a custom strategy that checks this for you? In that strategy just check for req.user.role and allow for a particular role per page.
I hope this helps you!!!
Upvotes: 1
Reputation: 201
I was five minutes away from answering my own question.
You can find User entity data in req.user with passport.
so I can use this
if (req.user.role == "Admin") {
// render page here
} else {
// redirect somewhere else
}
Upvotes: 4
Related Questions
- Verifying roles & authentication with Passport.js
- How to implement role based authorization in Node.js using token based authentication?
- How to implement User roles in nodejs passportjs
- Hot to set authentication in passport-jwt with different role of user?
- Passport authenticate options for Nodejs
- Using 'passport.isAuthenticated()' to check multiple user roles in Nodejs
- Can this way auth user with role?
- How to handle authorization in a layered nodejs with passport app?
- Node + Passport - multiple users
- Passport for authentication in Node JS