Authorization

Adonis Cockpit is currently in a prerelease version. Documentation, references and examples might not be correct and are subject to change.

Adonis Cockpit relies on Adonis Bouncer for authorization. You can apply policies globally, per operation and per resource.

Adonis Cockpit does not ship with an authentication system (yet). Follow the official Adonis authentication documentation to get everything set up.

Configuring Auth

URLs

Cockpit can display a Logout button when the user is authenticated. Configure the URL in the Cockpit configuration file.

config/cockpit.ts
import { defineConfig } from 'adonis-cockpit'

export default defineConfig({
  auth: {
    logoutUrl: '/logout',
  },
})

User

Cockpit displays the currently authenticated user's information in the navigation bar. By default it retrieves the email, userName and avatar from your model. To change this behavior, use the auth.user configuration option.

config/cockpit.ts
import { defineConfig } from 'adonis-cockpit'

export default defineConfig({
  auth: {
    user({ auth }) {
      const user = auth.getUserOrFail()
      return {
        userName: `${user.firstName} ${user.lastName}`,
        email: user.email
      }
    }
  },
})

Policies

Global Policy

The global policy is applied everywhere in the admin.

app/abilities/main.ts
import User from '#models/user'
import { Bouncer } from '@adonisjs/bouncer'

// Only users flagged as admin pass this ability
export const adminPolicy = Bouncer.ability((user: User) => {
  return user.isAdmin
})

start/cockpit.ts
import cockpit from 'adonis-cockpit/services/main'
import { adminPolicy } from '#abilities/main'

cockpit.policy(adminPolicy)

Per Operation Policies

You can define a different policy for each kind of operation.

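start/cockpit.ts
import cockpit from 'adonis-cockpit/services/main'
// Assumes these abilities are exported from app/abilities/main.ts
import { adminPolicy, memberPolicy, superAdminPolicy } from '#abilities/main'

cockpit.policies({
  read: memberPolicy,
  create: adminPolicy,
  update: adminPolicy,
  delete: superAdminPolicy
})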

The Per Operation policies are overridden by the Per Resource and Per Action policies.

Per Resource Policies

You can apply custom policies at the resource level. They will override the Per Operation policies.

class Resource extends ModelResource {
  policies = {
    read: memberPolicy,
    create: adminPolicy,
    update: adminPolicy,
    delete: superAdminPolicy
  }
}
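
Because a resource-level policy overrides the per-operation one, an override that is looser than the default widens access for that resource. The following added example (not code from Adonis Cockpit, and not calling it) models the override rule in plain TypeScript and flags operations where an override admits users the default rejects. The `invoicePolicies` object, the probe users, all function names and the fallback to the default for operations a resource does not list are assumptions made for illustration.

```typescript
// Added illustration: a stand-alone model of the override rule described above.
// It does not import adonis-cockpit; every name here is hypothetical.
type User = { name: string; isMember: boolean; isAdmin: boolean; isSuperAdmin: boolean }
type Policy = (user: User) => boolean
type Operation = 'read' | 'create' | 'update' | 'delete'
type Policies = Partial<Record<Operation, Policy>>

const OPERATIONS: Operation[] = ['read', 'create', 'update', 'delete']

const memberPolicy: Policy = (u) => u.isMember
const adminPolicy: Policy = (u) => u.isAdmin
const superAdminPolicy: Policy = (u) => u.isSuperAdmin

// Per-operation defaults, same shape as the cockpit.policies({...}) call on this page.
const perOperation: Policies = {
  read: memberPolicy, create: adminPolicy, update: adminPolicy, delete: superAdminPolicy,
}

// Assumption: an operation the resource does not list falls back to the default.
function effectivePolicy(op: Operation, defaults: Policies, resource: Policies): Policy | undefined {
  return resource[op] ?? defaults[op]
}

// Operations where the resource override admits a probe user the default rejects.
function widenedOperations(defaults: Policies, resource: Policies, probes: User[]): Operation[] {
  return OPERATIONS.filter((op) => {
    const base = defaults[op]
    const override = resource[op]
    if (!base || !override) return false
    return probes.some((u) => override(u) && !base(u))
  })
}

// Constructed probe users, one per role.
const probes: User[] = [
  { name: 'member', isMember: true, isAdmin: false, isSuperAdmin: false },
  { name: 'admin', isMember: true, isAdmin: true, isSuperAdmin: false },
  { name: 'root', isMember: true, isAdmin: true, isSuperAdmin: true },
]

// Hypothetical resource: loosens delete (admin instead of super admin), tightens read.
const invoicePolicies: Policies = { delete: adminPolicy, read: adminPolicy }

const widened = widenedOperations(perOperation, invoicePolicies, probes) // ['delete']
```

Running a check like this in a unit test over every resource's `policies` object surfaces overrides that loosen a default before they ship.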

Per Action Policies

You can apply custom policies to your Actions. They will override the Per Operation policies.

class SynchronizeAction extends Action {
  policy = synchronizePolicy
}