Before moving forward, it's essential to confirm that user authentication has been properly configured in your MagicJS application, as outlined in the previous section. We'll be utilizing the same files in this tutorial, so ensure that authentication is in place.
If you're unfamiliar with user authentication, please refer Authenticate Users covering the necessary details regarding user authentication setup.
Implementing Role-Based Features
Implement a role-based feature where only users with a specific role can access certain functionalities.
For example, we'll create a "Tell Me a Joke" button that displays a joke, but only users with the "joker" role are allowed to view it.
Backend Logic
1. Creating the "Tell Me a Joke" API
Create a backend file inside the main-features folder.
Name the file as 'get-joke'.
Add a joke to return.
Implement role-based access control in the backend logic. Users without the required role will receive a message indicating they are not authorized to view the joke.
Refer the below snippet:
get-joke.server.tsx
import { createBackendFunction, useFunctionContext } from"@magicjs.dev/backend"exportdefaultcreateBackendFunction(asyncfunction () {constctx=useFunctionContext(this)if (ctx.isAuthenticated ===false) {return"You have to sign in first" }if (awaitctx.isCurrentUserInAnyRoles(["joker"]) ===true) {return"What do you call a magic dog? A Labracadabrador." } else {return"You are not a joker." }})
In the above code, ctx.isAuthenticated checks if the user is authenticated. If not, it returns a message indicating that the user needs to sign in.
Then, ctx.isCurrentUserInAnyRoles(["joker"]) checks if the current user has the role "joker". If true, it returns a joke message. If not, it returns a message indicating that the user is not a joker.
Invoke the API in a button.
Add a button in the 'home.tsx' file and label it as Tell me a joke.
Call the 'getJokeServer' in the button as shown in the below code.
Tell me a Joke button calls the getJokeServer function imported from get-joke.server and alerts the returned joke when clicked.
2. Role Assignment and Removal
To enable users to add or remove their roles, we'll create two backend APIs for role assignment and removal. Users can click the "Add Role" button to assign the "joker" role to themselves and subsequently remove it using the "Remove Role" button.
Create 2 backed files and name them 'add-role' and remove-role' respectively.
Add Role button calls the addRoleServer function imported from add-role.server and assigns the role 'joker' to the current user when clicked.
Remove Role button calls the removeRoleServer function imported from remove-role.server and unassigns the role 'joker' from the current user when clicked.
Ensuring Frontend Protection
Adding Frontend Protection ensures that frontend components and features are only accessible to users with the requisite roles.
In conjunction with backend role-based access control mechanisms, frontend role checks will be integrated using the isCurrentUserInAnyRoles function provided by MagicJS.
Add function isCurrentUserInAnyRoles in the useLogin hook.
Wrap the Tell me a joke button inside this function as shown in the below code.
Note: Please be advised that in order for the modifications to be implemented, it is necessary to refresh the page each time.
Implementing a state in the frontend file will continuously compute, eliminating the need for repetitive manual refreshing.
By leveraging user role authentication and role management in your MagicJS application, you can tailor access permissions and enhance security. Empowered with role-based access control, you can customize the user experience and ensure that users interact with features aligned with their roles.
Congratulations! You've learned how to authenticate a user role seamlessly in MERN.AI using the MagicJS framework.