kenanchristian closed 7 years ago
Passport and by extension passport-jwt are authentication frameworks. Now that you have authentication working you're looking to implement authorization.
Since Passport is just an authentication framework it has no notion of authorization - whether a given user is allowed to do something. You can roll your own authorization framework or use something someone else has written. The readme for MustBe explains the difference well. I haven't actually used that framework so don't count this as an endorsement of anything but the README :).
@themikenicholson oh yeah, I'm sorry. After your explanation this issue seems to be in the wrong place
Thanks for the info :+1:
No problem. It's a common question.
Is there any way to check the user level on specific routes?
I've successfully implemented the basic jwt, which is checking if the user is correct or not.
What I want to achieve now is something like this. Let's say I got 2 routes, the first one is /user, which can be accessed by any logged in user, and the second one is /admin, which can only be accessed by a user that is logged in and is an admin.
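The route-level check asked about in this thread, as an added example that is not part of the original discussion or of passport-jwt itself: authentication fills in `req.user`, and a separate authorization middleware decides per route. The `role` field, the `requireLogin`/`requireRole`/`handle` names and the sample users are assumptions made for illustration.

```javascript
// Express-style middleware; assumes an earlier authentication step such as
// passport.authenticate('jwt', { session: false }) has populated req.user.
// The `role` property on the user object is an assumed field name.

// Authentication gate: any logged-in user passes.
function requireLogin(req, res, next) {
  if (!req.user) return res.status(401).json({ error: 'authentication required' });
  next();
}

// Authorization gate: only users whose role is on the allow-list pass.
function requireRole(...allowed) {
  return function (req, res, next) {
    if (!req.user) return res.status(401).json({ error: 'authentication required' });
    // A missing, non-string or unlisted role is denied (deny by default).
    const role = req.user.role;
    if (typeof role !== 'string' || !allowed.includes(role)) {
      return res.status(403).json({ error: 'forbidden' });
    }
    next();
  };
}

// The two routes from the question, each with its middleware chain.
const routes = {
  '/user': [requireLogin, (req, res) => res.status(200).json({ area: 'user' })],
  '/admin': [requireRole('admin'), (req, res) => res.status(200).json({ area: 'admin' })],
};

// Minimal stand-in for Express dispatch so the example runs with no dependencies.
function handle(path, user) {
  const res = {
    statusCode: null,
    body: null,
    status(code) { this.statusCode = code; return this; },
    json(body) { this.body = body; return this; },
  };
  const chain = routes[path];
  if (!chain) return res.status(404).json({ error: 'not found' });
  const req = { path, user };
  let i = 0;
  const next = () => { if (i < chain.length) chain[i++](req, res, next); };
  next();
  return res;
}

// Constructed sample users.
for (const u of [undefined, { id: 1, role: 'user' }, { id: 2, role: 'admin' }]) {
  console.log(u ? u.role : 'anonymous', '/user', handle('/user', u).statusCode, '/admin', handle('/admin', u).statusCode);
}
```

In an Express app the same middleware would sit after the Passport step, for example `app.get('/admin', passport.authenticate('jwt', { session: false }), requireRole('admin'), handler)`.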