-
Description:
Create middleware to protect routes based on user roles and permissions.
-
Based on the quick POC avaliable [here](https://github.com/canonical/identity-platform-admin-ui/commit/91d5094a98a9893edd9aeea9c90ec27578e3739e) we might want to offload all the authorization checks o…
-
Hi,
How on the Giraffe example, can I made authorization based on policies. I mean something like [this](https://github.com/graphql-dotnet/authorization) and this [Giraffe PR](https://github.com/gira…
-
## Problem
Currently the we only have _authentication_ middleware - the session. This identifies you, but doesn't do any checks (mostly).
The session doesn't guarantee that you are logged in.
We then…
-
Implement middleware functions for authorization.
-
## Description
The current implementation of the JWT middleware applies the same authorization logic to all route functions under a specific route prefix. This approach lacks the flexibility requir…
-
Hi,
The authentication chapter describes using [NextAuth](https://nextjs.org/learn/dashboard-app/adding-authentication#protecting-your-routes-with-nextjs-middleware) to protect routes using a middl…
-
The exposed middleware only handles token parsing (and verification), not authorization.
This is done on purpose: authorization is usually specific to each endpoint, while a middleware is called be…
-
**Context**
The support for authorization as a middleware is application specific.
**Solution**
We need to write good examples how to implement the authorization using the middleware.
-
There must be middleware around API to check if a user is authorized. There probably should be a similar one for the usual UI pages, if the front-end team wants it. (@tanya-kta?)