NestJS Authorization: RBAC, ABAC, claims-based, and more! | NestJS Guards Tutorial
In this video we'll discuss the fundamentals of doing authorization on a NestJS API. We'll take a look at how to use custom decorators to add metadata to controller methods. We'll then work on creating a new guard specifically for authorization. We'll take a look at how to extract a user's roles and determine if they are allowed to process with the request or not. We'll also briefly discuss more advanced scenarios where you might want to use claims-based or perhaps attribute-based (ABAC) authorization techniques using libraries like CASL and accesscontrol.
Video on NestJS AUTHENTICATION (user logins):
00:00 - Intro
00:44 - Creating new application
02:08 - Defining User entity and Roles enum
05:37 - Defining our auth requirements
07:33 - Using SetMetadata decorator
08:40 - Creating a custom Roles decorator
10:51 - Creating a new Roles Guard
15:47 - Accessing user roles within a guard
21:08 - Discussing more advanced authorization with claims or permissions/attributes
25:31 - NestJS CASL Integration
25:47 - Outro
Watch video NestJS Authorization: RBAC, ABAC, claims-based, and more! | NestJS Guards Tutorial online without registration, duration 26 minute 22 second in high hd quality. This video was added by user Marius Espejo 10 October 2021, don't forget to share it with your friends and acquaintances, it has been viewed on our site 40 thousand once and liked it 1 thousand people.