Closed ctc-devops closed 2 years ago
This is a pretty barebones implementation. For "functionality for role based access" should we write some sample code and comment it out or how should we show it?
For role based access, assume that the users role is stored in a cookie named role
, then pass a prop to ProtectedRoute
that allows developers to specify which roles should have access using an array of strings. ex:
<ProtectedRoute path="/admin-only" component={AdminOnly} roles={["admin"]} />
<ProtectedRoute path="/user-only" component={UserOnly} roles={["user"]} />
<ProtectedRoute path="/both" component={Both} roles={["admin", "user"]} />
You can set this role
cookie yourself in a few different ways, but using inspect element might be the easiest. Feel free to take a look at #14 for more context on the role
cookie.
For role based access, assume that the users role is stored in a cookie named
role
, then pass a prop toProtectedRoute
that allows developers to specify which roles should have access using an array of strings. ex:<ProtectedRoute path="/admin-only" component={AdminOnly} roles={["admin"]} /> <ProtectedRoute path="/user-only" component={UserOnly} roles={["user"]} /> <ProtectedRoute path="/both" component={Both} roles={["admin", "user"]} />
You can set this
role
cookie yourself in a few different ways, but using inspect element might be the easiest. Feel free to take a look at #14 for more context on therole
cookie.
Ok I think we will wait until #14 makes their final changes and gets merged
I addressed all changes but this code doesn't work without the new ROLE attribute in cookieKeys introduced in #14 (my local file includes it so I could test but it's not pushed since it's part of 14) Probably best if 14 is merged first and then I can merge everything into here...or I can just pre-emptively merge right now if you guys want.
Merged
Add a wrapper around
Route
fromreact-router-dom
to prevent users who aren't logged in from visiting certain pages. Also add functionality for role based access, but don't worry about implementing user roles (user roles will be stored in cookies).See the WMK example from last year.
verifyToken
will be completed in a later sprint, so just add a dummy function there for now.closes #9