Two separate jwt configs

I have two sites, one for site and one for admin. They both talk to the Adonis API and I log in admin users with:

jwt: {
  serializer: 'lucid',
  model: 'App/Models/Admin/User/User',
  scheme: 'jwt',
  uid: 'email_address',
  password: 'password',
  options: {
    secret: Env.get('APP_KEY'),
    expiresIn: '1y'
  }
},

Is it possible to have something like:

jwt_site: {
  serializer: 'lucid',
  model: 'App/Models/Site/User/User',
  scheme: 'jwt',
  uid: 'email_address',
  password: 'password',
  options: {
    secret: Env.get('APP_KEY'),
    expiresIn: '1y'
  }
},

and

jwt_admin: {
  serializer: 'lucid',
  model: 'App/Models/Admin/User/User',
  scheme: 'jwt',
  uid: 'email_address',
  password: 'password',
  options: {
    secret: Env.get('APP_KEY'),
    expiresIn: '1y'
  }
},

then somehow get the site to use one config and admin the other?

Hi!

Similar questions have been asked several times and the response has almost always been the same.

When you have login with different roles, you should still log in users (same model) and then each user has a role. Don't make different models for login.

Add a role to your user migration:

table.string('role').default('user') // or something similar

What if in the future you have roles such as: user, admin, moderator, member, reader, auditor etc.? Then you would have to make new login systems for each of them.

In 99% of cases there should be one login system and users with different roles. After logging the user in, you can check the user's role and return data based on it.

// Pseudocode

// PostsController.index
if (auth.user.role === 'admin') {
  // Return all posts if admin
  return Post.all()
}
// Return only the user's own posts, if not admin
return auth.user.posts()

You could also make a middleware to validate roles and allow different roles on different URLs etc.

Thank you for a quick answer.

I have no problem with roles, but let's say I want the admin users to have:

expiresIn: '1y'

and site users

expiresIn: '1w'

Is this possible?

Yes, you can change JWT options as the last parameter when generating JWTs

https://adonisjs.com/docs/4.1/authentication#_jwt_methods

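The per-role lifetime discussed in this thread, as an added example that is not from any of the posts or from the Adonis code base. `generate` is a self-contained stand-in that mirrors the `auth.generate(user, jwtPayload, jwtOptions)` argument order from the linked docs but takes `expiresIn` in seconds; `TTL_BY_ROLE`, `issueToken` and `verify` are hypothetical names, and the secret is passed in by the caller.

```javascript
const crypto = require('crypto')

// Hypothetical role -> lifetime table in seconds ('1y' and '1w' from the thread).
const TTL_BY_ROLE = new Map([['admin', 365 * 24 * 3600], ['user', 7 * 24 * 3600]])
const SHORTEST_TTL = Math.min(...TTL_BY_ROLE.values())

// base64url without padding, as used in JWT segments.
const b64url = (input) => Buffer.from(input).toString('base64')
  .replace(/=+$/, '').replace(/\+/g, '-').replace(/\//g, '_')

const hmac = (secret, data) => crypto.createHmac('sha256', secret).update(data).digest()

// Stand-in for auth.generate(user, jwtPayload, jwtOptions): HS256 token whose
// exp claim is derived from jwtOptions.expiresIn (seconds in this stand-in).
function generate (user, jwtPayload, jwtOptions, secret, now) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))
  const claims = { uid: user.id, data: jwtPayload, iat: now, exp: now + jwtOptions.expiresIn }
  const signingInput = `${header}.${b64url(JSON.stringify(claims))}`
  return `${signingInput}.${b64url(hmac(secret, signingInput))}`
}

// Choose the lifetime from the stored role; unknown roles get the shortest one.
function issueToken (user, secret, now = Math.floor(Date.now() / 1000)) {
  const expiresIn = TTL_BY_ROLE.get(user.role) || SHORTEST_TTL
  return generate(user, { role: user.role }, { expiresIn }, secret, now)
}

// Check the signature in constant time, then the expiry; returns claims or null.
function verify (token, secret, now = Math.floor(Date.now() / 1000)) {
  const [header, body, sig] = String(token).split('.')
  if (!header || !body || !sig) return null
  const expected = hmac(secret, `${header}.${body}`)
  const given = Buffer.from(sig, 'base64')
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null
  const claims = JSON.parse(Buffer.from(body, 'base64').toString('utf8'))
  return claims.exp > now ? claims : null
}
```

Because the lifetime is read from the role stored on the user record and baked into the signed `exp` claim, a client cannot extend its own token: changing the claim invalidates the signature.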