All Questions
Tagged with authorisation or authorization
10,503 questions
0
votes
0
answers
54
views
Next.js session object on client doesn't include custom role property
I'm trying to protect the client side in my Next.js app using a custom session with better-auth, but the role property not appear inside the session object , but when I display session.user.role` it ...
- 1
Best practices
0
votes
0
replies
79
views
NestJS authorization
https://docs.nestjs.com/security/authorization
Good morning guys. According to NestJS documentation, I can create policies that will be then used per endpoint or so. My only doubt is that the policies ...
Advice
1
vote
0
replies
47
views
How to implement role-based access control in a multi-tenant SaaS application?
I’m working on a multi-tenant SaaS application where different organizations can create and manage business plans and financial forecasts. Each organization has multiple users with different roles (e....
0
votes
0
answers
47
views
Blazor pipeline broken when introducing authorization
I've been wrestling with this for quite a while now. I have a working blazor (auto - hybrid) project called CustomerPortal and it created a CustomerPortal.Client for me as well.
I created a 2 razor ...
Best practices
0
votes
0
replies
51
views
Architectural pattern for binding user authorization to demonstrated comprehension before system execution?
In many distributed systems, user authorization is treated as sufficient proof of intent.
Examples:
Clicking “Approve”
Signing digitally
Submitting a confirmation request
Triggering a smart contract ...
Best practices
0
votes
2
replies
63
views
Rendering based on Authentication and Authorisation
Whats the best approach for rendering HTML on the client after passing authorisation and authentication? Below is my current code but I'm a bit stuck on where to go next, as I don't want to implement ...
- 61
Advice
0
votes
1
replies
80
views
How to handle authorization in a microservices environment using session-based authentication?
I lack experience with system design, and I’m struggling to understand how all the pieces fit together. I’d appreciate some help seeing the “big picture.”
I’m building a web application with a ...
Best practices
1
vote
1
replies
19
views
Next.js App Router: enforcing non-bypassable server-side route gating with middleware vs server components
I’m implementing server-side route gating in a Next.js (v16+) App Router application where a user must complete a required step (e.g. identity verification or compliance flow) before accessing ...
2
votes
1
answer
86
views
How can I enforce server-side step completion before allowing access to a route in Next.js?
I’m building a Next.js application where users must complete a required step (for example, identity verification or a comprehension step) before being allowed to access certain protected routes.
The ...
0
votes
2
answers
73
views
Yii2 action requires authorization, although it's available to everyone
A dynamic banner is placed on the page of the published post (the banner is taken from the database). Under an authorized user, it loads normally, but if I go to the URL without authorization, it ...
- 143
Best practices
0
votes
0
replies
20
views
Good Authentication/Authorization method for media streaming platform
I’m building a music streaming platform (like Spotify) as a study project and I’m working on authen/author mechanism. Can I have some advices on what kind of authen/author I should use for the ...
- 21
1
vote
1
answer
80
views
FIRECRAWL_API_KEY Id is not getting value from .env file
I was following the Advent of Agent and was building the multi-agent app with Firecrawl.
When I am using this line FIRECRAWL_API_KEY: "${FIRECRAWL_API_KEY}" inside the research_agent.yaml ...
- 495
0
votes
2
answers
88
views
Vue 3: Pinia Storage in Router Guards
My goal is to restrict access for authenticated users to the /login and /register routes
My Pinia Storage user.js contains user info and computed boolean property isAuthorized, when I am trying to use ...
- 123
0
votes
0
answers
100
views
.NET 8.0 getting session and authorization working together
I am having problems understanding how to get .NET 8.0 session and authorization working together.
Most of my controllers are decorated with the Authorize attribute, and I am accessing session ...
- 13.8k
Advice
3
votes
1
replies
94
views
How to redact information in API depending on authorization of client in scalable way?
I am writing a forum-like API and I want to protect private information from unauthorized users. Depending on the role of client that makes a request to GET /posts/:id I redact information such as the ...
