To achieve role bases access control, I have implemented netsjs' guards to create authentication determininers. I have implemented metadata annotations to mark protected routes in conrollers and actions based on availability of specific granted authorities in the authentication context.
My authentication context is slotted in the Express Request object and holds the currently authenticated user's identifiers like email and id as well as the authorities assigned to the user.
Each protected request determines existence of an intersection between required roles and current users roles. If the intersection is not empty, access is granted otherwise access is denied with a 403 status code.
To easily help spin up the threes services (nestjs api, vujs frontend and mysql database) I have containerized each and managed them with docker compose.
I have also used Taskfile to help easy spin of the services and cleanup based on specific tasks.
- Linux operating system
- Docker
- Docker Compose
- Taskfile
- 5000 NestJs API
- 4000 VueJs FrontEnd
- 3306 Mysql Database
Visit https://taskfile.dev/ for a guide to getting up and running with task.
task startNOTE
At initial startup the api may timeout before the database gets ready. Please consider stopping the server CTRL + C and try again.
Visit VUE FRONTEND to view the web interface.
Login with the seeded admin user Use the following email and password
- Email:
[email protected] - Password:
Password123@
The API is also available at http://localhost:5000
task cleanBelow is a link to a video demonstrating various user roles: