Authorization is easy now (Microservices, Next.js, Cerbos)
HTML-код
- Опубликовано: 13 июн 2024
- 👉 Cerbos (open source!) & Cerbos Hub: bit.ly/49tC8vD (paid sponsorship)
Disclaimer: this is a sponsored video (paid). It's your responsibility to evaluate safety, accuracy and other relevant parts of the reviewed product.
👉 Full code: github.com/ByteGrad/cerbos-ne...
👉 NEW React & Next.js Course: bytegrad.com/courses/professi...
👉 NEW React & Next.js Course: bytegrad.com/courses/professi...
👉 Professional JavaScript Course: bytegrad.com/courses/professi...
👉 Professional CSS Course: bytegrad.com/courses/professi...
👉 Web development roadmap 2024 & 2025: email.bytegrad.com
👉 Email newsletter (BIG update soon): email.bytegrad.com
👉 Discord: all my courses have a private Discord where I actively participate
⏱️ Timestamps:
00:00 The problem with authorization
03:18 Authorization solution
06:29 Modern auth architecture
08:03 Policy file
10:04 Policy decision point (microservice)
14:15 Connect app to Cerbos
15:58 What happens when biz requirements change?
17:28 Frontend (wasm)
20:34 Custom hook (useCerbos)
21:05 Overview
#webdevelopment #programming #coding #reactjs #nextjs
Isn't non-third party middleware to handle authorization better? Talking about ownership of code here...
Now you just become dependant on some kind of lib and it's tools and later on you will have a subscribtion payment to upgrade their version to use "premium features"...
tRPC and its middlewares to chain the logic before the procedures works flawlessly imo and you own it.
why would you want to add a commit step, grant an external company access to my code, and run a parallel server for just a few basic checks? I agree we want to centralize this, but it seems to me to be more trouble than help.
Commenting just for encouraging you! Because I love your videos. Do not stop please :D
Would it be possible to make a video exploring appwrite ? How to setup authentication, make role based authorization etc… ? Thank you!
can you make a cerbos/http tutorial to handle permissions in the browser
Which is the best choice between "Cerbos" and "CASL", I saw that Nest.js has suggested the CASL as a recommended choice. 🤔
This might be an overkill for many use cases. Instead some repetitive logic can be put into some utility functions (single source of truth). And I think we lose the intelicence inside the YML files. But it's good to know that we have this one in our tool belt. Keep up the good work.
You are the best teacher for me. God bless you 🙏🏻
Spaghetti code works great yet
Wow thanks ❤
Just today i found it 🥴
Just use Zod schemas what the f is this concept
Isn't zod schema validation thing? How can I use it for rule based authorization system?
If I understand correctly, using this service involves retrieving data from your database and creating a YAML file, indicating that some form of validation and functionality has already been implemented in your application. Could you explain why Zod validation cannot do that mechanism
@@blazi_0make your own
Imagine adding a middleware to every single route