I’m trying to get an authentication workflow working where users can be assigned to roles based on their location in a verification process. I think I’m going about this the wrong way, but on registration I create a user and try to assign their role:
Create(Collection("User"), {
credentials: { password: Var("password") },
data: {
full_name: Var("full_name"),
email: LowerCase(Var("email")),
created_at: Now(),
updated_at: Now(),
role: Role("UnverifiedUser")
}
})
In my code I’m using a “public” role to be the base “guest” access. When a user logs in I swap the public role’s key to be replaced with the “UnverifiedUser” login token. I noticed that the token connects to my database perfectly fine, but the permissions are not being assigned as expected. For testing purposes, “UnverifiedUser” has unrestricted access to all indexes, collections, and functions but the test user’s token still receives a permission error. Is there something about assigning a role to a user in hopes of generating a user role token that I’m missing?