This question is asked before, but no good solution was given. I want the give the user permission base on the group he is in azure ad.
I authenticate the users with auth type strategie passport-azure-ad. Just like the example in the docs, it has a verify function. This function calls done(null, profile). The profile has a property username.
The next step is de users function. This function only excepts a user value. This is the username from the profile object passed by de verify function.
users: function (user) {
if(user) {
return Promise.resolve({ username: user, permissions: "*" })
} else {
return Promise.resolve(null)
}
},
How can I pass trough the permission from the verify function to the user function?
Globale variable isn't the solution, because when user logs in by cached token no authentication (validation) happens.