illustration for Build a React App with Authorization and Authentication using AWS Amplify
Course

Build a React App with Authorization and Authentication using AWS Amplify

  9. 9
    Check for User Specific Roles using AWS Amplify
    1m 38s
⚠️ This lesson is retired and might contain outdated information.

Check for User Specific Roles using AWS Amplify

Ali Spittel
InstructorAli Spittel
Share this video with your friends

Social Share Links

Send Tweet
Published 3 years ago
Updated 2 weeks ago

The main goal of this lesson is to check to see what roles are attached to a user. On a user's accessToken, we can access their roles to check if they are an 'admin' which we can set on our app on amplifyapp.com.

View code on GitHub

Instructor: [0:00] When we implemented authorization, we restricted certain actions to admins. On the frontend, we need to check to see if a user is an admin and conditionally render based on that. I'll create a state field that stores whether a user is an admin or not.

[0:21] By default, it will be set to false. Underneath our set user, we'll set "is admin." Whether or not the user is an admin will be stored within the user object. We'll check the sign in user session, their access token, and its payload. That payload will have Cognito groups associated with it.

[0:50] We'll check to see if those groups include admin. Includes will return true or false, depending on whether admin is in the Cognito groups array or not. Let's display a message if a user is an admin. My current signed-in user is not an admin.

[1:11] I can change that through the admin UI. If I go to my apps home page and click manage groups, I'll see my user. Within group membership, I can add myself to the admin group. Now I'll sign-out, sign-in again. Now it displays the "you are an admin" message.

[1:32] We can now check to see if a user is a member of a group and conditionally render our user interface based off of that.

egghead
egghead
~ 15 seconds ago

Member comments are a way for members to communicate, interact, and ask questions about a lesson.

The instructor or someone from the community might respond to your question Here are a few basic guidelines to commenting on egghead.io

Be on-Topic

Comments are for discussing a lesson. If you're having a general issue with the website functionality, please contact us at support@egghead.io.

Avoid meta-discussion

  • This was great!
  • This was horrible!
  • I didn't like this because it didn't match my skill level.
  • +1 It will likely be deleted as spam.

Code Problems?

Should be accompanied by code! Codesandbox or Stackblitz provide a way to share code and discuss it in context

Details and Context

Vague question? Vague answer. Any details and context you can provide will lure more interesting answers!

Markdown supported.
Become a member to join the discussionEnroll Today