Login tokens with specific role permissions

I’m trying to get an authentication workflow working where users can be assigned to roles based on their location in a verification process. I think I’m going about this the wrong way, but on registration I create a user and try to assign their role:

Create(Collection("User"), {
  credentials: { password: Var("password") },
  data: {
    full_name: Var("full_name"),
    email: LowerCase(Var("email")),
    created_at: Now(),
    updated_at: Now(),
    role: Role("UnverifiedUser")
  }
})

In my code I’m using a “public” role to be the base “guest” access. When a user logs in I swap the public role’s key to be replaced with the “UnverifiedUser” login token. I noticed that the token connects to my database perfectly fine, but the permissions are not being assigned as expected. For testing purposes, “UnverifiedUser” has unrestricted access to all indexes, collections, and functions but the test user’s token still receives a permission error. Is there something about assigning a role to a user in hopes of generating a user role token that I’m missing?

I ended up figuring out what I was missing. The “role” field was totally unnecessary. I just needed to create the membership with a “User” member collection which checks when an email_verified boolean is set to true or false to set the user’s role as VerifiedUser or UnverifiedUser. Now it’s working as intended.

1 Like
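Added example, not code from the original posts: the role-membership setup described above, sketched in FQL v4. The `User` collection, the two role names and `email_verified` come from the thread; storing `email_verified` under `data`, the privilege lists, and the document id and password placeholders are assumptions.

```fql
// Roles attach to a token through membership, not through a field on the document.
// Each membership predicate receives the Ref of the document that owns the token.
CreateRole({
  name: "UnverifiedUser",
  membership: [
    {
      resource: Collection("User"),
      // A missing email_verified field defaults to false, so new users land here.
      predicate: Query(
        Lambda(
          "ref",
          Equals(Select(["data", "email_verified"], Get(Var("ref")), false), false)
        )
      )
    }
  ],
  // Placeholder privileges (assumption): list only what unverified users need.
  privileges: [
    { resource: Collection("User"), actions: { read: true } }
  ]
})

CreateRole({
  name: "VerifiedUser",
  membership: [
    {
      resource: Collection("User"),
      predicate: Query(
        Lambda(
          "ref",
          Equals(Select(["data", "email_verified"], Get(Var("ref")), false), true)
        )
      )
    }
  ],
  // Placeholder privileges (assumption).
  privileges: [
    { resource: Collection("User"), actions: { read: true, write: true } }
  ]
})

// The token returned by Login is bound to the User document, so the role that
// applies to it follows email_verified. Placeholders: document id and password.
Login(Ref(Collection("User"), "<user-document-id>"), { password: "<password>" })
```

With this layout the `role` field on the document has no effect on authorization, and the privilege lists are the place to restrict what each verification state can reach.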

Hi @jstoes and welcome! :wave:

I am glad it worked out!
