Authorization
Last updated
Authorization in QueryDeck governs access control by defining roles and permissions for database actions. It ensures that users can only perform actions they are allowed to, based on their assigned roles.
First set up a demo app (or use any database of your choice), then change the method to select.
Now click on the security icon (shown below) on the left toolbar.
(Note: make sure you already have existing authentication set up.)
Now we get this page, which allows us to set up CORS, Authentication and Authorization
Click on the Roles & Authorization tab on the top right task bar
Now click on the button to create a role
Now we get this pop up form
Enter the Role name as desired; this is like a nickname to refer to your role.
Role value is the value you choose to assign to the role; it is used in the JWT to access your role.
Select desired role type from the dropdown (admin/custom). Admin grants complete access, whereas in custom you can choose how much access to give the user.
Now click on the "add" button, to add the role
The role for authentication has been set up successfully
Go to https://jwt.io/
Scroll down to the debugger
Now, in the "Header" section of the decoded column, change the algorithm (alg) to match your Authentication settings in the security tab. (In this case, the default value matches our algorithm, so we leave it as is.)
Next, change the payload: delete the "sub" and "name" parameters and leave "iat" as is; this is the valid time period parameter.
Now add your user session key (email) and role session key (role_id) as additional parameters, and set them to the desired value (here, the user email) and the role ID set in authorization, respectively.
Next we change the secret key in the verify signature.
(on click reveals password)
Now copy the JWT string.
Also go to the API you want to test and enable authentication in the left-hand pane.
Then copy the endpoint URL from the section on the right
Now open Postman, paste the URL, and change the method to GET.
Click on the Headers tab
Add a key for authorization and paste the JWT from jwt.io
Now click on the send button to place the request
As you can see, we have obtained the required response.
If we change the JWT in the header to some other value, we receive an error response.
We have successfully created and tested Authentication and Authorization
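The token-building steps above, reproduced locally as an added example (not QueryDeck's own code), so the signing secret never has to be entered on a third-party page; `verify_token` shows why an altered token is rejected. It assumes HS256 and the `email` / `role_id` session keys used above; the secret and claim values are constructed placeholders.

```python
import base64
import hashlib
import hmac
import json
import time


def b64url(data: bytes) -> str:
    """Base64url without padding, the encoding JWT segments use."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_token(secret: str, email: str, role_id: str, iat: int) -> str:
    """Build an HS256 JWT carrying the user and role session keys."""
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"iat": iat, "email": email, "role_id": role_id}
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, payload))
    sig = hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(sig)}"


def verify_token(secret: str, token: str):
    """Return the payload if the HS256 signature is valid, else None."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        if header.get("alg") != "HS256":  # pin the algorithm, never trust the header
            return None
        expected = hmac.new(secret.encode(), f"{head_b64}.{body_b64}".encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None
        return json.loads(b64url_decode(body_b64))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token: wrong segment count, bad base64 or bad JSON


if __name__ == "__main__":
    # Constructed placeholder values; use your own secret, email and role value.
    print(make_token("constructed-secret", "user@example.com", "editor", int(time.time())))
```

The printed string is what goes into the authorization header in Postman.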