Add middleware to handle JWT authentication and authorization #46

Closed
Tracked by #24
Goncalo-Marques opened this issue Mar 26, 2024 · 0 comments · Fixed by #49

Goncalo-Marques commented Mar 26, 2024

The middleware must:

  • Validate JWT
  • Retrieve associated user
  • Guarantee user is authorized to perform the operation (depending on its role)

Goncalo-Marques self-assigned this Mar 26, 2024
Goncalo-Marques added the "enhancement" and "server app" labels Mar 26, 2024
Goncalo-Marques changed the title from "Add middleware to handle JWT authentication" to "Add middleware to handle JWT authorization" Mar 26, 2024
Goncalo-Marques changed the title from "Add middleware to handle JWT authorization" to "Add middleware to handle JWT authentication and authorization" Mar 26, 2024
Goncalo-Marques linked a pull request Mar 31, 2024 that will close this issue
Goncalo-Marques added a commit that referenced this issue Mar 31, 2024
Refs: closes #46 

## Summary

Add an authorization middleware for the employees and users based on
their role.

## Changes

- Add bearer auth scopes in the swagger spec
- Add forbidden error code in the swagger spec
- Add subject roles to JWT claims
- Add authorization middleware
- Add service method logging key
- Add store method to get employee by username
- Update employee domain structure
- Update sign in employee service method to create and return JWT
- Remove `public.` prefix from database migrations
- Remove redundant token validation after parsing the JWT
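
An added example, not code from this repository or its pull request: the framework-neutral decision such a middleware makes, covering the three requirements in the issue (validate the JWT, retrieve the user, check the role) and returning the forbidden code when a valid token lacks the role. It is written in Python with HS256; the `roles` claim name, `KEY`, `USERS` and every function name are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

KEY = b"constructed-demo-key"  # constructed; a real key comes from configuration
USERS = {"emp-1": {"username": "ana"}}  # constructed stand-in for the store


def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))


def sign(claims, key=KEY):
    """Issue an HS256 token; stands in for the sign-in service method."""
    msg = b64e(b'{"alg":"HS256","typ":"JWT"}') + "." + b64e(json.dumps(claims).encode())
    return msg + "." + b64e(hmac.new(key, msg.encode(), hashlib.sha256).digest())


def verify(token, key=KEY, now=None):
    """Return the claims only if algorithm, signature, shape and expiry all hold."""
    try:
        head, body, sig = token.split(".")
        if json.loads(b64d(head))["alg"] != "HS256":  # pinned: rejects "none"
            return None
        good = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(b64d(sig), good):  # constant-time compare
            return None
        claims = json.loads(b64d(body))  # parsed only after the signature holds
        ok = isinstance(claims["sub"], str) and isinstance(claims["roles"], list)
        return claims if ok and (now or time.time()) < claims["exp"] else None
    except (ValueError, KeyError, TypeError):
        return None


def authorize(authorization, required_role, now=None):
    """Return (HTTP status, user): 401 unauthenticated, 403 valid but wrong role."""
    scheme, _, token = (authorization or "").partition(" ")
    claims = verify(token, now=now) if scheme == "Bearer" else None
    user = USERS.get(claims["sub"]) if claims else None  # retrieve associated user
    if user is None:
        return 401, None
    if required_role not in claims["roles"]:
        return 403, None
    return 200, user
```

An HTTP middleware would call `authorize` with the request's `Authorization` header and the role required by the route, then either short-circuit with the returned status or attach the user to the request.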