Course Hive
Search

Welcome

Sign in or create your account

Continue with Google
or
How to Authorize User Roles and Permissions | Node.js & Express Authorization Tutorial
Play lesson

Node.js Tutorials for Beginners - How to Authorize User Roles and Permissions | Node.js & Express Authorization Tutorial

4.0 (3)
30 learners

What you'll learn

This course includes

  • 15 hours of video
  • Certificate of completion
  • Access on mobile and TV

Summary

Keywords

Full Transcript

Web Dev Roadmap for Beginners (Free!): https://bit.ly/DaveGrayWebDevRoadmap Learn how to authorize user roles and permissions in this Node.js & Express authorization tutorial. We'll start by learning the difference between authentication and authorization. Then we'll build middleware for our REST API that authorizes specific roles for data endpoint access. 🚩 Subscribe ➜ https://bit.ly/3nGHmNn 🚀 This tutorial is part of a Node.js & Express for Beginners tutorial series playlist: https://www.youtube.com/playlist?list=PL0Zuz27SZ-6PFkIxaJ6Xx_X46avTM1aYw 🔗 Starter Source Code: https://github.com/gitdagray/express_jwt 🔗 Completed Source Code: https://github.com/gitdagray/express_user_roles How to Authorize User Roles and Permissions | Node.js & Express Authorization Tutorial (00:00) Intro (00:05) Welcome (00:15) Authentication vs Authorization (01:44) Configure the User Roles (02:53) Add roles to the user data model (04:59) Add a user role at registration (06:01) Add user roles to access token at authentication (09:09) Add user roles to access token when refreshed (10:28) Update the verifyJWT middleware to include roles (13:18) Create the verifyRoles middleware (19:19) Add the verifyRoles middleware to routes (22:04) Test routes with Thunder Client (27:14) A quick note on Thunder Client 📚 JWT References: Intro to JSON Web Tokens: https://jwt.io/introduction All You Need to Know About Storing JWT in the Frontend: https://dev.to/cotter/localstorage-vs-cookies-all-you-need-to-know-about-storing-jwt-tokens-securely-in-the-front-end-15id NPM jsonwebtoken package: https://www.npmjs.com/package/jsonwebtoken NPM cookie-parser package: https://www.npmjs.com/package/cookie-parser Deleting Cookies: http://expressjs.com/en/api.html#res.clearCookie Cross-Site Scripting (XSS): https://owasp.org/www-community/attacks/xss/ Cross-Site Request Forgery (CSRF): https://owasp.org/www-community/attacks/csrf REST Security Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/REST_Security_Cheat_Sheet.html 📚 Login References: Bcrypt: https://www.npmjs.com/package/bcrypt How to Safely Store a Password: https://codahale.com/how-to-safely-store-a-password/ MDN: HTTP Response Status Codes: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status 📚 More References: Node.js Official site: https://nodejs.org NPM Official site: https://www.npmjs.com/ Express JS Official site: https://expressjs.com/ MDN CORS: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS NPM CORS: https://www.npmjs.com/package/cors ✅ Follow Me: Twitter: https://twitter.com/yesdavidgray LinkedIn: https://www.linkedin.com/in/davidagray/ Blog: https://yesdavidgray.com Reddit: https://www.reddit.com/user/DaveOnEleven Was this tutorial about how to authorize user roles and permissions with Node.js and Express JS helpful? If so, please share. Let me know your thoughts in the comments. #user #roles #authorization

Course Hive

Continue this lesson in the app

Install CourseHive on Android or iOS to keep learning while you move.

Related Courses

FAQs

Course Hive
Download CourseHive
Keep learning anywhere