Рет қаралды 98,699
Web Dev Roadmap for Beginners (Free!): bit.ly/DaveGrayWebDevRoadmap
Learn how to authorize user roles and permissions in this Node.js & Express authorization tutorial. We'll start by learning the difference between authentication and authorization. Then we'll build middleware for our REST API that authorizes specific roles for data endpoint access.
🚩 Subscribe ➜ bit.ly/3nGHmNn
🚀 This tutorial is part of a Node.js & Express for Beginners tutorial series playlist:
• Node.js Tutorials for ...
🔗 Starter Source Code: github.com/gitdagray/express_jwt
🔗 Completed Source Code: github.com/gitdagray/express_...
How to Authorize User Roles and Permissions | Node.js & Express Authorization Tutorial
(00:00) Intro
(00:05) Welcome
(00:15) Authentication vs Authorization
(01:44) Configure the User Roles
(02:53) Add roles to the user data model
(04:59) Add a user role at registration
(06:01) Add user roles to access token at authentication
(09:09) Add user roles to access token when refreshed
(10:28) Update the verifyJWT middleware to include roles
(13:18) Create the verifyRoles middleware
(19:19) Add the verifyRoles middleware to routes
(22:04) Test routes with Thunder Client
(27:14) A quick note on Thunder Client
📚 JWT References:
Intro to JSON Web Tokens: jwt.io/introduction
All You Need to Know About Storing JWT in the Frontend: dev.to/cotter/localstorage-vs...
NPM jsonwebtoken package: www.npmjs.com/package/jsonweb...
NPM cookie-parser package: www.npmjs.com/package/cookie-...
Deleting Cookies: expressjs.com/en/api.html#res....
Cross-Site Scripting (XSS): owasp.org/www-community/attac...
Cross-Site Request Forgery (CSRF): owasp.org/www-community/attac...
REST Security Cheat Sheet: cheatsheetseries.owasp.org/ch...
📚 Login References:
Bcrypt: www.npmjs.com/package/bcrypt
How to Safely Store a Password: codahale.com/how-to-safely-st...
MDN: HTTP Response Status Codes: developer.mozilla.org/en-US/d...
📚 More References:
Node.js Official site: nodejs.org
NPM Official site: www.npmjs.com/
Express JS Official site: expressjs.com/
MDN CORS: developer.mozilla.org/en-US/d...
NPM CORS: www.npmjs.com/package/cors
✅ Follow Me:
Twitter: / yesdavidgray
LinkedIn: / davidagray
Blog: yesdavidgray.com
Reddit: / daveoneleven
Was this tutorial about how to authorize user roles and permissions with Node.js and Express JS helpful? If so, please share. Let me know your thoughts in the comments.
#user #roles #authorization