
lbx-jwt


Provides JWT authentication for loopback applications. Includes storing roles inside tokens and handling refreshing. Built-in reuse detection.

"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.roleAuthorization = void 0; const authorization_1 = require("@loopback/authorization"); /** * Checks if the requesting user has one of the allowed roles. * @param authorizationContext - The context, containing the user information. * @param metadata - The metadata, provided in the @authorize-decorator. Contains allowed roles. * @returns The promise of a decision (if the request is denied or approved). */ async function roleAuthorization(authorizationContext, metadata) { if (!authorizationContext.principals.length) { return authorization_1.AuthorizationDecision.DENY; } const userProfile = authorizationContext.principals[0]; if (userProfile.roles.find(r => { var _a; return (_a = metadata.allowedRoles) === null || _a === void 0 ? void 0 : _a.includes(r); })) { return authorization_1.AuthorizationDecision.ALLOW; } return authorization_1.AuthorizationDecision.DENY; } exports.roleAuthorization = roleAuthorization; //# sourceMappingURL=role.authorizer.js.map