gobackhuoxing / first-web-game-lb4 Goto Github PK
View Code? Open in Web Editor NEWA full-stack web application example for LoopBack 4
Home Page: https://loopback.io/
A full-stack web application example for LoopBack 4
Home Page: https://loopback.io/
src/interceptors/autorize.interceptor.ts
async intercept(
invocationCtx: InvocationContext,
next: () => ValueOrPromise<InvocationResult>,
) {
if (!this.metadata) return await next();
const result = await next();
const requiredPermissions = this.metadata.options as RequiredPermissions;
const user = await this.getCurrentUser();
if(!this.checkPermissons(user.permissions, requiredPermissions)){
throw new HttpErrors.Forbidden('INVALID_ACCESS_PERMISSION');
}
return result;
}
Checking permissions should be before:
const result = await next();
because when we have POST, PUT, DELETE endpoint then methods are executed before checking permissions. In response we have error 403 but in database we have changed data.
Solution
async intercept(
invocationCtx: InvocationContext,
next: () => ValueOrPromise<InvocationResult>,
) {
if (!this.metadata) return await next();
const requiredPermissions = this.metadata.options as RequiredPermissions;
const user = await this.getCurrentUser();
if(!this.checkPermissons(user.permissions, requiredPermissions)){
throw new HttpErrors.Forbidden('INVALID_ACCESS_PERMISSION');
}
const result = await next();
return result;
}
In the todo list example, after creating a relationship, they register inclusion-resolver
this.todoList = this.createBelongsToAccessorFor(
'todoList',
todoListRepositoryGetter,
);
// They add this line to register the resolver
this.registerInclusionResolver('todoList', this.todoList.inclusionResolver);
What does this mean? What is it used for?
I noticed you didn't use it in your demo, I want to know what it does and how it affects the relationship.
Just a [x]question, I was having some trouble with the tutorial as the tutorial is based on Mongodb, but we are using Mysql, and cant find any equivalent guide
Hello,
I've an issue with the file JWT.service.ts, Typescript says that he cannot convert MyUserProfile to UserProfile
async verifyToken(token: string): Promise<MyUserProfile> {
if (!token) {
throw new HttpErrors.Unauthorized(
`Error verifying token : 'token' is null`,
);
}
const decryptedToken = await verifyAsync(token, TokenServiceConstants.TOKEN_SECRET_VALUE);
return _.pick(decryptedToken, ['id', 'email', 'name', `permissions`]);
}
async generateToken(userProfile: MyUserProfile): Promise<string> {
return signAsync(userProfile, TokenServiceConstants.TOKEN_SECRET_VALUE, {
expiresIn: TokenServiceConstants.TOKEN_EXPIRES_IN_VALUE,
});
}
I was doing ok until I tried running PT3 of your tutorial. Tutorial and your repo seem to be in agreement with each other. I am running into an error when I attempt to run the full part 3. LB compiler complains about Argument of type 'Filter' is not assignable to parameter of type 'Filter'. I believe this is a typescipt error. How do I fix this?
Checkout my repo (https://github.com/EnergeticPixels/lb4game.git) in the develop => adv-controllers branch, commit #aba5bd5.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.