Comments (4)
harrysolovay
commented on July 28, 2024
Thank you for the feature request / prospect of a PR! For clarity, can you please provide a snippet of example usage?
from amplify-ui.
alissaVrk
commented on July 28, 2024
the usage should be something like:
withAuthenticator(() => <Comp />, {
//maybe the predicate should be inside a config object,
to allow for easy addition of properties in the future
authorizationPredicate: user =>
user.signInUserSession.accessToken.payload["cognito:groups"].indexOf('myGroup') >= 0,
children: [
<Unauthorized slot="unauthorized" message="you should upgrade to see this"/> //optional, will get the user in props
]
})
of course you can use this with the Authenticator component directly as well
from amplify-ui.
harrysolovay
commented on July 28, 2024
This kind of protection likely should not happen on the front end, unless you were to include a build step which serializes the predicate and sends it to a secure back-end resource for later use in safeguarding group data. This would be a cool experience, but definitely falls outside of Amplify's scope.
While there is not a front-end component visibility "rule" system surrounding withAuthentication, there are ways to achieve what you're describing. An isAuthenticatedUserMemberOfXGroup hook, for example:
function isAuthenticatedUserMemberOfGroup(groupName: string) {
const [is, setIs] = useState<boolean | undefined>();
// get `user`
// see if the predicate rings true
setIs(user.signInUserSession.accessToken.payload["cognito:groups"].indexOf(groupName) >= 0);
return is;
}
function MyComp() {
const isMemberOfG = isAuthenticatedUserMemberOfGroup("MyGroup");
return isMemberOfG && (
<div>Only members of "MyGroup" can see this</div>
)
}Bringing these checks into UI component props would likely result in a somewhat rigidly-structured API. It's my sense that this functionality would be best represented in case-by-case specificity.
@sammartinez @wlee221 –– what are your thoughts?
from amplify-ui.
alissaVrk
commented on July 28, 2024
sorry for disappearing.. and thanks for the detailed answer
I don't think there is a security issue here, since the withAuthentication only can block the view of a component. the actual content should be protected on the server side either way.
the code in the Authenticator takes the state it gets from server and according to it decides what to display, I'm just letting me/the user add some logic to that
all that I'm trying to solve here is the client code, which really doesn't care why you can't see something, it only wants to know
- should it display the content
- what should it display instead
with current implementation I have nested ifs each of them dealing with a different reason (authentication, authorization, anything else.. ), I thought that doing it all in one place could be nice.
I'm really not attached to the API I suggested, will be glad to hear other ideas :)
from amplify-ui.
Related Issues (20)
- Session Not Found HOT 15
- Authenticator error message overflows if message is long HOT 2
- Issue with `withAuthenticator` hook integration in Next.js app HOT 3
- Ionic Chatbot UI [missing-page] HOT 2
- Ability to specify auth flow to trigger user migration events HOT 2
- Reset Password by Email not showing correct translations HOT 3
- SelectField SVG accessibility
- Liveness - Your account isn't authorized to call this operation HOT 11
- Pass className prop through to StorageImage HOT 1
- Could not resolve all files for configuration ':amazon-cognito-identity-js:debugCompileClasspath'. HOT 1
- Vite React - Component does not work correctly in mobile browsers, especially Google browsers HOT 8
- Liveness - Users getting timeout error as soon as they try to load HOT 13
- Undefined ('S3Object') Error HOT 12
- Customizable Visual Feedback Colors in Liveness Component HOT 3
- Autocomplete footer not allowing onClick HOT 2
- [Face Liveness] Cannot complete check due to server issue. Try again HOT 13
- Authenticator with only social sign in (hide regular sign in fields) HOT 2
- React: Set unique id to each authenticator step's button HOT 3
- Unrecognizable lambda output - When user Create an account HOT 1
- ResizeObserver loop when navigating in the Authenticator component HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amplify-ui.