NestJS Authorization: RBAC, ABAC, claims-based, and more! | NestJS Guards Tutorial

Описание к видео NestJS Authorization: RBAC, ABAC, claims-based, and more! | NestJS Guards Tutorial

In this video we'll discuss the fundamentals of doing authorization on a NestJS API. We'll take a look at how to use custom decorators to add metadata to controller methods. We'll then work on creating a new guard specifically for authorization. We'll take a look at how to extract a user's roles and determine if they are allowed to process with the request or not. We'll also briefly discuss more advanced scenarios where you might want to use claims-based or perhaps attribute-based (ABAC) authorization techniques using libraries like CASL and accesscontrol.

Video on NestJS AUTHENTICATION (user logins):    • NestJS Authentication: JWTs, Sessions...  

00:00 - Intro
00:44 - Creating new application
02:08 - Defining User entity and Roles enum
05:37 - Defining our auth requirements
07:33 - Using SetMetadata decorator
08:40 - Creating a custom Roles decorator
10:51 - Creating a new Roles Guard
15:47 - Accessing user roles within a guard
21:08 - Discussing more advanced authorization with claims or permissions/attributes
25:31 - NestJS CASL Integration
25:47 - Outro

Комментарии

Информация по комментариям в разработке

Похожие видео