This post is one of a series on local-first development with CAP Node.js. The mocked authentication strategy The Authentication Strategies section of the Node.js Security topic in Capire explains the different strategies available, and the "mocked" strategy comes with pre-defined users that can be used, with their various levels of authorisations, to explore, define and test security-related constructs. This mock user configuration can be modified and extended too, but what comes out of the box is definitely enough to get started. Working through an example In this post, we'll work through an example of mocking auth, based on content in the auth/ directory of the talk repository. Note that what's absent here is any form of auth implementation - all declarations available are automatically enforced by CAP's generic service providers. The service definition In srv/main.cds there's a single service defined, with a couple of entities that are simple projections on to the entities in the…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.