
Comments (2)

jmikrut commented on June 16, 2024

Hey @ahaasler — yes, this is totally possible. But, our local API does not accept token as an argument. Instead, it accepts a full user.

We would certainly accept a PR that exposes a new property to our local API called userToken or similar, that will accept a string JWT and attempt to verify / decode it for use as a user, but right now, we only accept a user.

To decode the token and pass it as a user to the payload.find local API method, you would do something like this:

import jwt from 'jsonwebtoken';
import { notFound } from "next/navigation";
import { getPayloadClient } from "@/content/payloadClient";
import { Post } from "@/content/types";
import RichText from "@/components/RichText";
import { cookies } from 'next/headers'

async function getPostBySlug(slug: string): Promise<Post> {
  const payload = await getPayloadClient();
  const cookieStore = cookies()
  // the cookie is absent for anonymous visitors, so don't dereference .value blindly
  const token = cookieStore.get('payload-token')?.value
  // verify (not just decode) the JWT with the Payload secret; an invalid or
  // expired token throws, which fails closed instead of granting access
  const user = token ? jwt.verify(token, payload.secret) : undefined

  const posts = await payload.find({
    collection: "posts",
    overrideAccess: false,
    // just pass the user; undefined means the request is treated as anonymous
    user,
    where: {
      slug: {
        equals: slug,
      },
    },
  });
  const post = posts.docs[0];
  if (!post) notFound();
  return post;
}

I haven't tested the above, but this should work just fine!

Give it a shot?

from next-payload.

ahaasler commented on June 16, 2024

Hi @jmikrut, thanks for your help. It almost works out of the box.

When using roles, the user document in the token does not work for access control without including said roles.

If the role can be inferred from the email the solution is pretty easy:

if (user?.email === "[email protected]") {
	user.roles = ["admin"]
}

If that is not possible, a user search solves it:

const userWithRoles = await payload.findByID({
	collection: "users",
	id: user?.id
})

But the best solution is to modify the user collection so that the roles are stored on the token with saveToJWT: true:

import type { CollectionConfig } from 'payload/types'

export const Users: CollectionConfig = {
	slug: 'users',
	auth: true,
	admin: {
		...
	},
	access: {
		...
	},
	fields: [
		...
		{
			name: 'roles',
			type: 'select',
			hasMany: true,
			saveToJWT: true,
			defaultValue: ['public'],
			required: true,
			access: {
				...
			},
			options: ['admin', 'public'],
		},
	],
}

from next-payload.
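An added example (not code from either comment or from Payload itself) tying the two comments together: it verifies a payload-token style HS256 JWT with Node's built-in crypto rather than only decoding it, and shows why an access rule that depends on the roles field must deny when the token carries no roles claim (the case before saveToJWT: true is set). The TokenUser shape, the cookie secret and the sample tokens are constructed for the example.

```typescript
import { createHmac, timingSafeEqual } from 'node:crypto';

// Claims Payload stores in the cookie JWT; `roles` is present only when the
// field is configured with saveToJWT: true (type is assumed, not Payload's own).
interface TokenUser { id: string; email: string; collection: string; roles?: string[]; exp?: number }

const b64url = (s: string) => Buffer.from(s, 'utf8').toString('base64url');

function decodePart(part: string): any {
  try { return JSON.parse(Buffer.from(part, 'base64url').toString('utf8')); } catch { return null; }
}

// Minimal HS256 signer used only to construct sample tokens offline.
function signHs256(claims: object, secret: string): string {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  const sig = createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Verify, don't merely decode: check the algorithm, the HMAC signature in
// constant time and the expiry; return null whenever the token must be rejected.
function verifyPayloadToken(token: string, secret: string, now: number): TokenUser | null {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const header = decodePart(head);
  if (!header || header.alg !== 'HS256') return null;       // reject alg=none and any other alg
  const expected = createHmac('sha256', secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  const claims = decodePart(body) as TokenUser | null;
  if (!claims || typeof claims.id !== 'string') return null;
  if (claims.exp !== undefined && claims.exp <= now) return null;
  return claims;
}

// Access rule of the kind the thread's roles field feeds. A token that carries
// no roles claim (saveToJWT not set) denies instead of being treated as admin.
function canAccessAdminOnly(user: TokenUser | null): boolean {
  return user !== null && Array.isArray(user.roles) && user.roles.includes('admin');
}
```

In the real app the secret is payload.secret and the token comes from the payload-token cookie, as in the first comment; the point here is that a missing claim is a deny, not a pass.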
