NestJS Authorization: RBAC, ABAC, claims-based, and more! | NestJS Guards Tutorial
In this video we'll discuss the fundamentals of doing authorization on a NestJS API. We'll take a look at how to use custom decorators to add metadata to controller methods. We'll then work on creating a new guard specifically for authorization. We'll take a look at how to extract a user's roles and determine if they are allowed to process with the request or not. We'll also briefly discuss more advanced scenarios where you might want to use claims-based or perhaps attribute-based (ABAC) authorization techniques using libraries like CASL and accesscontrol.
Video on NestJS AUTHENTICATION (user logins): • NestJS Authentication: JWTs, Sessions...
00:00 - Intro
00:44 - Creating new application
02:08 - Defining User entity and Roles enum
05:37 - Defining our auth requirements
07:33 - Using SetMetadata decorator
08:40 - Creating a custom Roles decorator
10:51 - Creating a new Roles Guard
15:47 - Accessing user roles within a guard
21:08 - Discussing more advanced authorization with claims or permissions/attributes
25:31 - NestJS CASL Integration
25:47 - Outro
Watch video NestJS Authorization: RBAC, ABAC, claims-based, and more! | NestJS Guards Tutorial online, duration hours minute second in high quality that is uploaded to the channel Marius Espejo 09 October 2021. Share the link to the video on social media so that your subscribers and friends will also watch this video. This video clip has been viewed 41,563 times and liked it 1.4 thousand visitors.
