Bird
0
0

You want to add role-based access control using JWT strategy. Which approach correctly extends the validate method to include user roles from the token payload?

hard📝 component behavior Q8 of 15
NestJS - Authentication
You want to add role-based access control using JWT strategy. Which approach correctly extends the validate method to include user roles from the token payload?
AStore roles in a global variable inside JwtStrategy
BReturn { userId: payload.sub, username: payload.username, roles: payload.roles }
CAdd roles as a separate parameter to validate()
DIgnore roles in validate and check them in controller
Step-by-Step Solution
Solution:

  1. Step 1: Understand validate method role

    It returns user info extracted from JWT payload, including roles if present.

  2. Step 2: Correctly include roles in returned object

    Adding roles from payload to returned object allows guards to access roles for authorization.

  3. Final Answer:

    Return { userId: payload.sub, username: payload.username, roles: payload.roles } -> Option B

  4. Quick Check:

    Include roles in validate() return [OK]
Quick Trick: Add roles to validate() return object for access control [OK]
Common Mistakes:
  • Passing roles as separate parameter
  • Using global variables for roles
  • Ignoring roles in strategy

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More NestJS Quizzes
Authentication - Token generation and validation - Quiz 2easy Authentication - Session-based authentication - Quiz 4medium Guards - Combining multiple guards - Quiz 11easy Interceptors - Cache interceptor - Quiz 13medium Interceptors - Timeout interceptor - Quiz 1easy Interceptors - Exception mapping interceptor - Quiz 6medium Middleware - Applying middleware to routes - Quiz 9hard Middleware - Functional middleware - Quiz 6medium Middleware - Third-party middleware (cors, helmet) - Quiz 6medium Pipes - Custom pipes - Quiz 8hard