Skip to content

Commit 540632f

Browse files
atainteratainter
authored
Add roles from JWT payload (#40)
1 parent ab563c2 commit 540632f

File tree

6 files changed

+27
-0
lines changed

6 files changed

+27
-0
lines changed

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,3 +2,4 @@
22
node_modules
33
dist
44
coverage/
5+
.idea

src/auth.spec.ts

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,6 +108,7 @@ describe('auth', () => {
108108
accessToken: 'new-access-token',
109109
organizationId: 'org_123456' as string | undefined,
110110
role: 'admin' as string | undefined,
111+
roles: ['admin'] as string[] | undefined,
111112
permissions: ['read', 'write'] as string[] | undefined,
112113
entitlements: ['premium'] as string[] | undefined,
113114
featureFlags: ['flag-1', 'flag-2'] as string[] | undefined,
@@ -339,6 +340,7 @@ describe('auth', () => {
339340
sessionId: 'session-123',
340341
organizationId: 'org-456',
341342
role: 'admin',
343+
roles: ['admin'],
342344
permissions: ['read', 'write'],
343345
entitlements: ['feature-1', 'feature-2'],
344346
featureFlags: ['flag-1', 'flag-2'],
@@ -361,6 +363,7 @@ describe('auth', () => {
361363
sessionId: mockClaims.sessionId,
362364
organizationId: mockClaims.organizationId,
363365
role: mockClaims.role,
366+
roles: mockClaims.roles,
364367
permissions: mockClaims.permissions,
365368
entitlements: mockClaims.entitlements,
366369
featureFlags: mockClaims.featureFlags,
@@ -395,6 +398,7 @@ describe('auth', () => {
395398
sessionId: 'session-123',
396399
organizationId: 'org-456',
397400
role: 'admin',
401+
roles: ['admin'],
398402
permissions: ['read', 'write'],
399403
entitlements: ['feature-1', 'feature-2'],
400404
featureFlags: ['flag-1', 'flag-2'],

src/auth.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,7 @@ export async function withAuth(args: LoaderFunctionArgs): Promise<UserInfo | NoU
5151
entitlements,
5252
featureFlags,
5353
role,
54+
roles,
5455
exp = 0,
5556
} = getClaimsFromAccessToken(session.accessToken);
5657

@@ -70,6 +71,7 @@ export async function withAuth(args: LoaderFunctionArgs): Promise<UserInfo | NoU
7071
sessionId,
7172
organizationId,
7273
role,
74+
roles,
7375
permissions,
7476
entitlements,
7577
featureFlags,

src/interfaces.ts

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,7 @@ export interface AccessToken {
5555
sid: string;
5656
org_id?: string;
5757
role?: string;
58+
roles?: string[];
5859
permissions?: string[];
5960
entitlements?: string[];
6061
feature_flags?: string[];
@@ -65,6 +66,7 @@ export interface UserInfo {
6566
sessionId: string;
6667
organizationId?: string;
6768
role?: string;
69+
roles?: string[];
6870
permissions?: string[];
6971
entitlements?: string[];
7072
featureFlags?: string[];
@@ -77,6 +79,7 @@ export interface NoUserInfo {
7779
sessionId?: undefined;
7880
organizationId?: undefined;
7981
role?: undefined;
82+
roles?: undefined;
8083
permissions?: undefined;
8184
entitlements?: undefined;
8285
featureFlags?: undefined;
@@ -110,6 +113,7 @@ export interface AuthorizedData {
110113
sessionId: string;
111114
organizationId: string | null;
112115
role: string | null;
116+
roles: string[] | null;
113117
permissions: string[];
114118
entitlements: string[];
115119
featureFlags: string[];
@@ -121,6 +125,7 @@ export interface UnauthorizedData {
121125
sessionId: null;
122126
organizationId: null;
123127
role: null;
128+
roles: null;
124129
permissions: null;
125130
entitlements: null;
126131
featureFlags: null;

src/session.spec.ts

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -293,6 +293,7 @@ describe('session', () => {
293293
entitlements: null,
294294
featureFlags: null,
295295
role: null,
296+
roles: null,
296297
sessionId: null,
297298
});
298299
});
@@ -359,6 +360,7 @@ describe('session', () => {
359360
sid: 'test-session-id',
360361
org_id: 'org-123',
361362
role: 'admin',
363+
roles: ['admin'],
362364
permissions: ['read', 'write'],
363365
entitlements: ['premium'],
364366
feature_flags: ['flag-1', 'flag-2'],
@@ -411,6 +413,7 @@ describe('session', () => {
411413
entitlements: ['premium'],
412414
featureFlags: ['flag-1', 'flag-2'],
413415
role: 'admin',
416+
roles: ['admin'],
414417
sessionId: 'test-session-id',
415418
});
416419
});
@@ -559,6 +562,7 @@ describe('session', () => {
559562
sid: 'test-session-id',
560563
org_id: 'org-123',
561564
role: null,
565+
roles: [],
562566
permissions: [],
563567
entitlements: [],
564568
feature_flags: [],
@@ -569,6 +573,7 @@ describe('session', () => {
569573
sid: 'new-session-id',
570574
org_id: 'org-123',
571575
role: 'user',
576+
roles: ['user'],
572577
permissions: ['read'],
573578
entitlements: ['basic'],
574579
feature_flags: ['flag-1'],
@@ -594,6 +599,7 @@ describe('session', () => {
594599
sessionId: 'new-session-id',
595600
organizationId: 'org-123',
596601
role: 'user',
602+
roles: ['user'],
597603
permissions: ['read'],
598604
entitlements: ['basic'],
599605
featureFlags: ['flag-1'],
@@ -738,6 +744,7 @@ describe('session', () => {
738744
sid: 'new-session-id',
739745
org_id: 'org-123',
740746
role: 'user',
747+
roles: ['user'],
741748
permissions: ['read'],
742749
entitlements: ['basic'],
743750
feature_flags: ['flag-1'],
@@ -763,6 +770,7 @@ describe('session', () => {
763770
accessToken: 'new.valid.token',
764771
organizationId: 'org-123',
765772
role: 'user',
773+
roles: ['user'],
766774
permissions: ['read'],
767775
entitlements: ['basic'],
768776
featureFlags: ['flag-1'],

src/session.ts

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,7 @@ export async function refreshSession(request: Request, { organizationId }: { org
7272
sessionId,
7373
organizationId: newOrgId,
7474
role,
75+
roles,
7576
permissions,
7677
entitlements,
7778
featureFlags,
@@ -83,6 +84,7 @@ export async function refreshSession(request: Request, { organizationId }: { org
8384
accessToken,
8485
organizationId: newOrgId,
8586
role,
87+
roles,
8688
permissions,
8789
entitlements,
8890
featureFlags,
@@ -332,6 +334,7 @@ export async function authkitLoader<Data = unknown>(
332334
entitlements: null,
333335
featureFlags: null,
334336
role: null,
337+
roles: null,
335338
sessionId: null,
336339
};
337340

@@ -343,6 +346,7 @@ export async function authkitLoader<Data = unknown>(
343346
sessionId,
344347
organizationId = null,
345348
role = null,
349+
roles = null,
346350
permissions = [],
347351
entitlements = [],
348352
featureFlags = [],
@@ -365,6 +369,7 @@ export async function authkitLoader<Data = unknown>(
365369
sessionId,
366370
organizationId,
367371
role,
372+
roles,
368373
permissions,
369374
entitlements,
370375
featureFlags,
@@ -497,6 +502,7 @@ export function getClaimsFromAccessToken(accessToken: string) {
497502
sid: sessionId,
498503
org_id: organizationId,
499504
role,
505+
roles,
500506
permissions,
501507
entitlements,
502508
feature_flags: featureFlags,
@@ -510,6 +516,7 @@ export function getClaimsFromAccessToken(accessToken: string) {
510516
sessionId,
511517
organizationId,
512518
role,
519+
roles,
513520
permissions,
514521
entitlements,
515522
featureFlags,

0 commit comments

Comments
 (0)