4

Being new to perfect server side swift, I cannot find any packages that help with role based access authorization. In Spring there is for example,

.antMatchers("/homePage").access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')")
.antMatchers("/adminPage").access("hasRole('ROLE_ADMIN')")

Is there something already existing in perfect to help with this? Is there a recommended way of handling access control in perfect?

Thomas Smyth - Treliant
  • 4,993
  • 6
  • 25
  • 36
GAllan
  • 409
  • 4
  • 11

2 Answers2

1

As you use perfect server, you may take a look at:

A. STEFANI
  • 6,707
  • 1
  • 23
  • 48
  • The https://github.com/PerfectSideRepos/Turnstile-Perfect/blob/master/Sources/AuthFilter.swift seems to be best starting point for a role/s based filter. Adding a role to the Account class to allow filtering on include/exclude routes. – GAllan Dec 14 '17 at 16:56
0

Perfect provides system level of authentication.

Firstly, you can go to github and search PerfectlySoft/Perfect-LocalAuthentication for user identity validation, however, it doesn't contain the role control as you asked.

It can be done in other approaches. For example, you can use Perfect-LDAP to access an LDAP server for all kinds of roles and groups.

PerfectlyRock
  • 405
  • 2
  • 7
  • 2
    Access groups/roles is not the issue. I suppose was looking for a requestFilter like AuthFilter that could include/exclude paths base on a role. The role itself could be pulled from the user record or other. It is strange if such a filter is not already available. – GAllan Dec 08 '17 at 09:21