Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FE] Implement Role-Based Middleware for Page Authorization #444

Open
edichoska opened this issue Nov 9, 2024 · 0 comments · Fixed by #466
Open

[FE] Implement Role-Based Middleware for Page Authorization #444

edichoska opened this issue Nov 9, 2024 · 0 comments · Fixed by #466
Assignees
@petark7 @aleksandarmicev
Labels
frontend This is a frontend component

Comments

@edichoska
Copy link
Contributor

edichoska commented Nov 9, 2024
edited
Loading

Business Requirement
We need to implement middleware that hides or shows pages based on the logged-in user's role to ensure role-based access control across the application.

Acceptance Criteria

  • Implement a middleware that checks the user's role before allowing access to specific pages.
  • If the user’s role does not match the required role(s) for a page, redirect them to an appropriate page (e.g., homepage, login or error page).
  • Only administrators can access the admin panel pages.
  • Configure the middleware to support multiple roles (e.g., "member," "admin", "content-manager").
  • Apply the middleware to the following pages:
  • Admin Panel (restricted to "admin" role only)
  • Content Panel (accessible to "admin" and "content-manager" roles)
  • Platform(accessible to "members")
  • Ensure the middleware checks if the user is authenticated before checking their role.
  • If not authenticated, redirect to the login page.
  • Include appropriate error handling to manage unauthorized access attempts.
  • Test the middleware to ensure proper redirection and authorization enforcement for each role.

Documentation:
https://nextjs.org/docs/app/building-your-application/routing/middleware
@edichoska edichoska converted this from a draft issue Nov 9, 2024
@edichoska edichoska added the frontend This is a frontend component label Nov 9, 2024
@aleksandarmicev aleksandarmicev self-assigned this Nov 11, 2024
aleksandarmicev added a commit that referenced this issue Dec 3, 2024
@aleksandarmicev
Merge remote-tracking branch 'origin/staging' into #444-Role-base-Mid…
234f569 
…dleware
aleksandarmicev added a commit that referenced this issue Dec 3, 2024
@aleksandarmicev
Merge remote-tracking branch 'origin/staging' into #444-Role-base-Mid…
86e9681 
…dleware
@aleksandarmicev aleksandarmicev linked a pull request Dec 4, 2024 that will close this issue
#444 Role-Base Middleware #462
Closed
@edichoska edichoska linked a pull request Dec 9, 2024 that will close this issue
[FE] Implement Role-Based Middleware for Page Authorization [444] #466
Merged
@petark7 petark7 moved this from In progress to In review in LearnHub Task Management Dec 9, 2024
@petark7 petark7 mentioned this issue Dec 11, 2024
Merged
@edichoska edichoska moved this from In review to Testing / Staging in LearnHub Task Management Dec 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@petark7 petark7

@aleksandarmicev aleksandarmicev

Labels
frontend This is a frontend component
Projects
LearnHub Task Management
Status: Testing / Staging
Milestone
No milestone
3 participants
@petark7 @aleksandarmicev @edichoska