From the course: Building APIs with LoopBack


Locking down the app


- [Narrator] All right. Now that we've talked about how LoopBack supports security, let's take a look at how we actually use it. Like most things, LoopBack will use JSON definition files for its behavior, but we can use the CLI to automatically write out our settings to make things easier. We'll start by locking down the cat model completely. In other words, no one can do anything. It's always great to start that way and then gradually open up our security model a bit at a time. For our app, we'll do just that. And then say that users who are logged in can edit content. And we won't care about creating or editing or erasing, and anonymous users can read. As each rule is enabled, we'll stop and test. All right, let's do that. I'm in my terminal, and to get started I'm going to use a CLI to create an ACL using lb acl. It's going to start by asking me what model I want to work with. I will select cat. Now it's asking what to protect. And since I want everything blocked, I'll do all…
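An added example, not taken from the course: the `acls` section of the cat model's JSON definition as it would look once all three rules described in the narration are in place. It assumes LoopBack 3's built-in `$everyone` and `$authenticated` roles and its `READ` and `WRITE` access types; the other keys of the model definition are omitted.

```json
{
  "name": "cat",
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "DENY"
    },
    {
      "accessType": "WRITE",
      "principalType": "ROLE",
      "principalId": "$authenticated",
      "permission": "ALLOW"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "ALLOW"
    }
  ]
}
```

The `WRITE` access type covers create, update and delete, so a single entry handles all three for logged-in users. An unauthenticated request matches only the `$everyone` entries, which leaves it with read access and nothing else.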
