Open eternalee opened 1 month ago
Hi, I'm not sure I get your use-case, why do you need granular validation? How auth token will provide that?
For example, different users have access to different bull jobs and the auth token may have roles stored inside
Ok, but this is exactly what the auth example does... Put a cookie with JWT, and in the middleware check you custom selection, no?
Yes a cookie implementation works but I think something like how the auth token input is done in Swagger may be a bit more user-friendly, as a suggestion.
Swagger is an API docs app, it does make to allow adding an authorization header there.
If you have any specific flow that the board is not supports, I can check if it is relevant for it, or suggest other alternative, auth by default is not part of this lib.
Feature request:
Similar to how Swagger UI Docs have an Authorize button at the top, where the user can paste in a bearer Authorization token into the request headers, is it possible to add an Authorize button to the top of Bull Board? It could popup a modal for the user to paste in a bearer token. Then if it is provided, is it possible for all the subsequent Bull Board requests to include that bearer token in the request headers? I imagine we can then use the BullBoard middleware to check permissions.
The Passport auth example is great but I think this approach would give us more granular job/request-level access validation.
Thank you!