NestJS Authorization: RBAC, ABAC, claims-based, and more! | NestJS Guards Tutorial

preview_player
Показать описание
In this video we'll discuss the fundamentals of doing authorization on a NestJS API. We'll take a look at how to use custom decorators to add metadata to controller methods. We'll then work on creating a new guard specifically for authorization. We'll take a look at how to extract a user's roles and determine if they are allowed to process with the request or not. We'll also briefly discuss more advanced scenarios where you might want to use claims-based or perhaps attribute-based (ABAC) authorization techniques using libraries like CASL and accesscontrol.

00:00 - Intro
00:44 - Creating new application
02:08 - Defining User entity and Roles enum
05:37 - Defining our auth requirements
07:33 - Using SetMetadata decorator
08:40 - Creating a custom Roles decorator
10:51 - Creating a new Roles Guard
15:47 - Accessing user roles within a guard
21:08 - Discussing more advanced authorization with claims or permissions/attributes
25:31 - NestJS CASL Integration
25:47 - Outro
  1. Marius Espejo
  2. nest
  3. javascript
  4. nestjs
  5. nestjs tutorial
  6. nestjs auth
Рекомендации по теме
NestJS Authorization: RBAC, 0:26:22

NestJS Authorization: RBAC, ABAC, claims-based, and more! | NestJS Guards Tutorial

Add RBAC to 0:06:20

Add RBAC to Your Nest.js API in ~ 7 minutes

NestJs RBAC - 0:24:35

NestJs RBAC - Role Based Authorization Tutorial

NestJS Role Based 0:28:14

NestJS Role Based Authorization | RBAC

Role-Based Access Control 0:08:00

Role-Based Access Control (RBAC) Explained: How it works and when to use it

Why ABAC instead 0:01:29

Why ABAC instead of RBAC?

How to Manage 0:46:20

How to Manage User Access in NestJS | Authorization with CASL

How to Manage 0:12:11

How to Manage User Roles in NextJS / NodeJS

Add RBAC roles-based 0:05:08

Add RBAC roles-based authorization to your API routes

RBAC vs ABAC 0:03:03

RBAC vs ABAC | Identity & Access Management | IAM

20. Role Based 0:16:44

20. Role Based Access Control In NestJS

Como EU lido 0:06:59

Como EU lido com autorizações (permissões) nos meus apps

Managing User Roles 0:16:33

Managing User Roles - NodeJS Authorization

ID Tokens VS 0:08:38

ID Tokens VS Access Tokens: What's the Difference?

NestJs - Guards 0:33:05

NestJs - Guards & Authentication & Authorization [08]

RBAC vs ABAC 0:04:53

RBAC vs ABAC vs XBAC for Data Access Control

Authorization Modeling: Design 0:58:15

Authorization Modeling: Design your RBAC, ABAC, ReBAC

Azure Role-based Access 0:07:38

Azure Role-based Access Control (RBAC)

Easily create ABAC 0:11:15

Easily create ABAC policies with the Permit UI - Tutorial

🔐 Access Control 0:03:39

🔐 Access Control Methods Compared: RBAC, ABAC, ACL, and PBAC - Which One Reigns Supreme?

Kubernetes Security | 0:07:17

Kubernetes Security | Role Based Access Control (RBAC)

Nest.js 3: Authentication 0:55:15

Nest.js 3: Authentication & Authorization

What is PBAC? 0:01:06

What is PBAC? Policy Based Access Control Explainer by PlainID

Understanding Attribute Based 0:20:28

Understanding Attribute Based Access Control (ABAC)

Комментарии
Автор

thank you so much... straight to the point.... best nest js explanations i've seen so far.

mertefe
Автор

very useful. i wish this video was around when my company built a new project in nestjs and rbac last year

connieleung
Автор

thankyou for creating such a great content covering everything making it easy for everyone to understand<3

nepdevtech
Автор

Thank you for your useful videos. Would be great to have more in deep tutorial about CASL with NestJS.

cristianescudero
Автор

Great job Marius, your videos are very useful and simple at the same time, keep rocking 🤘

AlirezaNasseh
Автор

You are always so helpful! Thank you Marius! 🤗

ceciliaserafini
Автор

Thank you, Marius. I'm just switching from making the nodejs API from scratch to using a library like nestjs. This helps me a lot

saleumsack
Автор

Great Stuff once again. Your NestJs content has helped me a lot.

oluwatosinsamuel
Автор

thank you for the wonderful explanation! I hope that you will continue to help us

m-batimel
Автор

Thanks (again!) for this content Marius. Would love to see a long-form CASL workshop for managing routes and resources.

foofighterdaz
Автор

Thanks, bro. Appreciate the video. I was hoping for a GraphQL implementation, but after watching your tutorial, I figured out how to do it.

kawthooleidevelopers
Автор

Hey, Nice video, thankyou for all these explanations, The CASL video would be nice!

HernaW
Автор

thank you! very clear and straightforward

davialmeida
Автор

Once again, thanks for an amazing video! I love to see these videos to get some inspiration!

I would love to see a video about Passport with the Local Strategy together with JWT, I know you have done this but I still feel it would be nice to cover JWT refresh in the backend, and hopefully in the frontend as well.

dgaa
Автор

Great video!!! Thank you for this video

miguelacosta
Автор

Great tutorial ❤️. Please make a video implementing casl in nest js. I read the docs but didn't understand properly.

rickythegermanshepherd
Автор

awesome video, you are just great teacher

sergeyagronov
Автор

Thank you, nice straightforward explanation :D now I'm SUBSCRIBED (with the bell ON)
Hope you the best

Bilal-lenw
Автор

спасибо, как всегда все доходчиво и понятно

NO
Автор

Great video Marius, I just watced all the NestJs related videos. You did a very good job, they are very usefull.
Right now I am trying to do a Nestjs authentication trough Firebase auth IDP.
It would be awesome if you will do a video that covers that.

andreicatalin