Provide support for User Levels

CanKattwinkel / starter

Simple starter with Angular Client, NestJS API and Postgres + TypeORM DB. Implements things from i18n to XSRF and JWT.

5 stars 1 forks source link

Provide support for User Levels #5

Open CanKattwinkel opened 6 years ago

CanKattwinkel commented 6 years ago

Inspiration: https://github.com/zelazna/NestAPI/blob/da1bfcd32223bcbec26e190aee4742430669927b/src/common/guards/roles.guard.ts

The system may have to allow fine-grained authorizations from the outset. So when starting working on this, take a look at how other projects handle this.

Fixed when:

[ ] the user entity has a user level
[ ] each endpoint can have a specific required user level

jamshally commented 6 years ago

From the code, it looks like the auth guards are currently just checking to see if the user is logged in or not. It would be useful to see how the admin section could just be restricted to a specific user role.

Thank you for sharing this code. This has been very helpful for understanding how to implement JWT authentication and authorization with a NestJS project.