set role into session
Answered
Savannah posted this in #help-forum
SavannahOP
Hey guys, i'm trying to get the role when i'm loggin into my dashboard, but
[...nextauth]/route.ts :
const {data: session, status} = useSession(); is only returning me the name and the email, however, I return well the table of my user which comprises several things and in particular the role[...nextauth]/route.ts :
import NextAuth, { AuthOptions, User as NextAuthUser } from "next-auth";
import CredentialsProvider from "next-auth/providers/credentials";
import { getUserByEmail } from "@/app/lib/users/get";
import { User } from "@/app/types/UserType";
import bcrypt from "bcryptjs";
import {createSession} from "@/app/lib/users/session";
interface Credentials {
email: string;
password: string;
}
export const authOptions: AuthOptions = {
providers: [
CredentialsProvider({
name: "Credentials",
credentials: {},
async authorize(credentials, req): Promise<NextAuthUser | null> {
if (!credentials) return null;
const { email, password } = credentials as Credentials;
const user = await getUserByEmail(email);
if (!user) return null;
if (bcrypt.compareSync(password, user.password)) {
await createSession(String(user.id));
return {
...user,
id: String(user.id)
};
} else {
return null;
}
}
})
],
secret: process.env.NEXTAUTH_SECRET,
session: {
strategy: "jwt"
}
};
export const handler = NextAuth(authOptions);
export { handler as GET, handler as POST };Answered by B33fb0n3
By the way it looks like you using next-auth and not auth.js. I recommend you to stay at next-auth, because I heard about many bugs inside auth.js. fertp linked a guide how you can update it in auth.js, but you may want to stay in next-auth.
How you can add a role(s) in next-auth?
1. Define a
2. Paste the following code inside (you can change
3. Take a look at the screenshot and add your groups like to your session
4. Success: You can see that you will get all the defined values typesafe
How you can add a role(s) in next-auth?
1. Define a
/types/next-auth.d.ts file in your root folder.2. Paste the following code inside (you can change
groups also to roles or whatever you like: https://paste.gg/p/B33fb0n3/829af5ac6ca4437f8672ef0e7161478a3. Take a look at the screenshot and add your groups like to your session
4. Success: You can see that you will get all the defined values typesafe
18 Replies
Madeiran sardinella
Check this up!
https://authjs.dev/guides/role-based-access-control
https://authjs.dev/guides/role-based-access-control
@Madeiran sardinella Check this up!
https://authjs.dev/guides/role-based-access-control
SavannahOP
Okay, I had seen that once after posting my message. I'll test it tomorrow morning.
Do you recommend this method for getting the user's session or is there something better to do at this level?
Do you recommend this method for getting the user's session or is there something better to do at this level?
@Savannah Okay, I had seen that once after posting my message. I'll test it tomorrow morning.
Do you recommend this method for getting the user's session or is there something better to do at this level?
for RBAC I like to use this: https://www.npmjs.com/package/easy-rbac
As the title says it's easy-rbac. You can easily handle role based access control
As the title says it's easy-rbac. You can easily handle role based access control
By the way it looks like you using next-auth and not auth.js. I recommend you to stay at next-auth, because I heard about many bugs inside auth.js. fertp linked a guide how you can update it in auth.js, but you may want to stay in next-auth.
How you can add a role(s) in next-auth?
1. Define a
2. Paste the following code inside (you can change
3. Take a look at the screenshot and add your groups like to your session
4. Success: You can see that you will get all the defined values typesafe
How you can add a role(s) in next-auth?
1. Define a
/types/next-auth.d.ts file in your root folder.2. Paste the following code inside (you can change
groups also to roles or whatever you like: https://paste.gg/p/B33fb0n3/829af5ac6ca4437f8672ef0e7161478a3. Take a look at the screenshot and add your groups like to your session
4. Success: You can see that you will get all the defined values typesafe
Answer
@B33fb0n3 By the way it looks like you using next-auth and not auth.js. I recommend you to stay at next-auth, because I heard about many bugs inside auth.js. fertp linked a guide how you can update it in auth.js, but you may want to stay in next-auth.
How you can add a role(s) in next-auth?
1. Define a /types/next-auth.d.ts file in your root folder.
2. Paste the following code inside (you can change groups also to roles or whatever you like: https://paste.gg/p/B33fb0n3/829af5ac6ca4437f8672ef0e7161478a
3. Take a look at the screenshot and add your groups like to your session
4. Success: You can see that you will get all the defined values typesafe
SavannahOP
with this method, is it possible to change de User interface in the next-auth.d.ts file by any chance ?
Because, i cannot access to the role in the callbacks session or jwt
I only have the name, email or token id
your token propably won't have the key (as you can see in my screenshot I also cast it to string[] in my session). After you added the types, they should be available inside your session and your can access these values clientside and serverside. The roles/groups/... then are in your session
@B33fb0n3 your token propably won't have the key (as you can see in my screenshot I also cast it to string[] in my session). After you added the types, they should be available inside your session and your can access these values clientside and serverside. The roles/groups/... then are in your session
SavannahOP
how did you access to your groups in the jwt method ?
like you did token.groups = dbAccount...
what does your
db.Account.accountsToGroups...SavannahOP
I succeeded @B33fb0n3
I just understood the logic
thanks a lot brother !
And thanks too @Madeiran sardinella 😉
@Savannah I just understood the logic
good job 👍 happy to help. Please mark solution
@B33fb0n3 good job 👍 happy to help. Please mark solution
SavannahOP
did you kno how can i do it ? Cause when i right click on the channel, i didn't have the "Apps" field