DEV Community

Cover image for How to Add RBAC Authorization in Next.js

How to Add RBAC Authorization in Next.js

Arindam Majumder on September 11, 2024

Authorization, the process in our applications that determines what users can perform on which resources, is a crucial requirement for every applic...
Collapse
 
hemath923604 profile image
Hemath

I'll try to implement this in my Project!

Does it work with supabase?

Collapse
 
gemanor profile image
Gabriel L. Manor

Sure! Here's a guide for that: permit.io/blog/how-to-implement-rb...

Collapse
 
hemath923604 profile image
Hemath

Thanks for sharing, I'll check that!

Collapse
 
eddiejaoude profile image
Eddie Jaoude

Thanks for sharing! Super important topic

Collapse
 
arindam_1729 profile image
Arindam Majumder

Glad you found it useful Eddie 😀

Really appreciate it 😌

Collapse
 
akshaybond30160 profile image
Akshay bondre

Great Share Arindam!

The Ui makes it pretty simple!

Collapse
 
arindam_1729 profile image
Arindam Majumder

Yes. The UI is intuitive and makes it easier 😀

Collapse
 
debarun_d89efed41e7bfb97c profile image
Debarun

Nice content, continue your good work.

Collapse
 
arindam_1729 profile image
Arindam Majumder

Thanks for checking out Debarun 😀

Collapse
 
ddebajyati profile image
Debajyati Dey • Edited

Where and how do you learn these things to write this kind of comprehensive contents?

BTW great article!

Collapse
 
arindam_1729 profile image
Arindam Majumder

Thanks a lot for the kind words!

I just try to share my learnings and write about them,

it works for me!

Collapse
 
martinbaun profile image
Martin Baun

Cool approaches! Thank you for sharing.

Collapse
 
arindam_1729 profile image
Arindam Majumder

Glad you, liked it!

Collapse
 
akshaycodes profile image
Akshay SIng

Well written Tutorial Arindam!

Collapse
 
arindam_1729 profile image
Arindam Majumder

Thanks for Checking out

Collapse
 
jacob_ifeoluwa_f95647baf8 profile image
Jacob Ifeoluwa

Thanks for sharing

Collapse
 
arindam_1729 profile image
Arindam Majumder

Glad you liked it!

Collapse
 
omnilinkdigital profile image
Info Comment hidden by post author - thread only accessible via permalink

When I started with web development I used to implement the same anti patterns. With your example of an Authorization Anti Pattern, it's important for people to understand why it is an anti pattern.

Regarding your example, the actions are governed by only the role and not the required permission which permits the action. With RBAC, a role should be a collection of permissions. An action should not be permitted to run based solely on the role it has, but rather the authorised actionable permission which it possesses.

Permit.io is a great way to pay money for a service that has a solution to your problem, a problem that you don't necessarily have the time and resources to implement these auth structure. That said, when you roll your own authorisation it's cardinal to understand that these anti patterns may work, but the efficacy and technical debt it creates is the actual problem at hand.

I'm stating this for any persons that might be starting with dev and may not know why this solution is better. As I once have.

Collapse
 
nulls_brawl_3c4fb89a8a75a profile image
Nulls Brawl • Edited

Hey Arindam!
You made it so easy to add rbac authorization in nextjs. I am glad to land at this post after going through many useless articles. I must appreciate your work. You have explained every single thing in detail. Definitely gonna implement it on my upcoming project and will share results with you.

Collapse
 
delta_executor_0acd9493cd profile image
Delta Executor • Edited

Hi Arindam!
Thanks a lot for sharing this. I tried it on my first project, and the outcome was incredible! Excited to try it on my next project. Great Work!

Some comments have been hidden by the post's author - find out more