` Login ` and ` Auth ` - andrewkyllo-401-advanced-javascript/seattle-javascript-401d34 GitHub Wiki

Authentication + Role Based Authorization

What problems do we need to solve for?

is this a valid use?
What is the user authorized to do?
- Which parts of our application care about this?
- How can we determine this?
  - Whats in the token?
  - Contact between the UI and the API
- How do we make this easy to use?

Proposal

<Auth /> component

Based on your permissions and login status, it either gives you access to component or jsx or hides it.
Must not use Redux
- Why? We dont want to force impoementors into a specific state management system

// The div only shows if you are logged in
  <Auth>
    <div />
  </Auth>

// The div only shows if you are logged in AND have read permissions
  <Auth capability="read">
    <div />
  </Auth>

⚠️ GitHub.com Fallback ⚠️