I'm facing an issue with access control in my application. Users are assigned roles (e.g., admin), and certain pages should only be accessible to specific roles. However, after I reload the page, a user — even an admin — can see all pages, including those that should be restricted for that role.
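I’m using session management, but after the reload the role-based access appears to be bypassed and all pages become visible. How can I fix this? Is it related to session handling, or to something else I might be missing? My flow export is below: a ui-event node feeds a switch on msg._client.user.role, and the function node on each branch sends a show/hide page list to a ui-control node. The three ui-page nodes in the export are all configured as visible.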
[
{
"id": "44c6d68e5650c5c2",
"type": "tab",
"label": "Flow 1",
"disabled": false,
"info": "",
"env": []
},
{
"id": "138ad8a6a29acecd",
"type": "group",
"z": "44c6d68e5650c5c2",
"style": {
"stroke": "#999999",
"stroke-opacity": "1",
"fill": "none",
"fill-opacity": "1",
"label": true,
"label-position": "nw",
"color": "#a4a4a4"
},
"nodes": [
"9d49c564b5459c43",
"7efcaae1ebdfd750",
"a4b0232614c80343",
"8ff627a2b47b2b68",
"36ca7d3ee6b93471",
"feec4596d89aec22",
"cde67a88e039f2ca",
"6e3852bc45039c45"
],
"x": 34,
"y": 279,
"w": 822,
"h": 222
},
{
"id": "e040aee0b6949a8a",
"type": "group",
"z": "44c6d68e5650c5c2",
"style": {
"stroke": "#999999",
"stroke-opacity": "1",
"fill": "none",
"fill-opacity": "1",
"label": true,
"label-position": "nw",
"color": "#a4a4a4"
},
"nodes": [
"3a614f30be8af003",
"87e28838413f41ca",
"96c3d1b662878c8d"
],
"x": 34,
"y": 19,
"w": 252,
"h": 202
},
{
"id": "424b2fd05d77fc17",
"type": "group",
"z": "44c6d68e5650c5c2",
"style": {
"stroke": "#999999",
"stroke-opacity": "1",
"fill": "none",
"fill-opacity": "1",
"label": true,
"label-position": "nw",
"color": "#a4a4a4"
},
"nodes": [
"3c63073a635baecc",
"72285daacd9dcc25"
],
"x": 354,
"y": 19,
"w": 252,
"h": 122
},
{
"id": "3a614f30be8af003",
"type": "ui-gauge",
"z": "44c6d68e5650c5c2",
"g": "e040aee0b6949a8a",
"name": "adminpage1gauge",
"group": "f3e6c8d6a9fe95d1",
"order": 1,
"width": 3,
"height": 3,
"gtype": "gauge-half",
"gstyle": "needle",
"title": "gauge",
"units": "units",
"icon": "",
"prefix": "",
"suffix": "",
"segments": [
{
"from": "0",
"color": "#5cd65c"
},
{
"from": "4",
"color": "#ffc800"
},
{
"from": "7",
"color": "#ea5353"
}
],
"min": 0,
"max": 10,
"sizeThickness": 16,
"sizeGap": 4,
"sizeKeyThickness": 8,
"styleRounded": true,
"styleGlow": false,
"className": "",
"x": 150,
"y": 100,
"wires": []
},
{
"id": "87e28838413f41ca",
"type": "ui-slider",
"z": "44c6d68e5650c5c2",
"g": "e040aee0b6949a8a",
"group": "7ee2c4852193c3a2",
"name": "adminpage2 slider",
"label": "slider",
"tooltip": "",
"order": 1,
"width": 0,
"height": 0,
"passthru": false,
"outs": "all",
"topic": "topic",
"topicType": "msg",
"thumbLabel": "true",
"showTicks": "always",
"min": 0,
"max": 10,
"step": 1,
"className": "",
"iconPrepend": "",
"iconAppend": "",
"color": "",
"colorTrack": "",
"colorThumb": "",
"x": 150,
"y": 180,
"wires": [
[]
]
},
{
"id": "9d49c564b5459c43",
"type": "ui-event",
"z": "44c6d68e5650c5c2",
"g": "138ad8a6a29acecd",
"ui": "64fc71361e24a0d0",
"name": "",
"x": 110,
"y": 400,
"wires": [
[
"a4b0232614c80343"
]
]
},
{
"id": "7efcaae1ebdfd750",
"type": "comment",
"z": "44c6d68e5650c5c2",
"g": "138ad8a6a29acecd",
"name": "Client-Defined Data",
"info": "",
"x": 270,
"y": 320,
"wires": []
},
{
"id": "a4b0232614c80343",
"type": "switch",
"z": "44c6d68e5650c5c2",
"g": "138ad8a6a29acecd",
"name": "",
"property": "_client.user.role",
"propertyType": "msg",
"rules": [
{
"t": "eq",
"v": "admin",
"vt": "str"
},
{
"t": "eq",
"v": "guest",
"vt": "str"
}
],
"checkall": "true",
"repair": false,
"outputs": 2,
"x": 250,
"y": 400,
"wires": [
[
"feec4596d89aec22"
],
[
"8ff627a2b47b2b68",
"6e3852bc45039c45"
]
]
},
{
"id": "8ff627a2b47b2b68",
"type": "debug",
"z": "44c6d68e5650c5c2",
"g": "138ad8a6a29acecd",
"name": "debug 2576",
"active": true,
"tosidebar": true,
"console": false,
"tostatus": false,
"complete": "true",
"targetType": "full",
"statusVal": "",
"statusType": "auto",
"x": 740,
"y": 400,
"wires": []
},
{
"id": "36ca7d3ee6b93471",
"type": "ui-control",
"z": "44c6d68e5650c5c2",
"g": "138ad8a6a29acecd",
"name": "",
"ui": "64fc71361e24a0d0",
"events": "change",
"x": 600,
"y": 360,
"wires": [
[]
]
},
{
"id": "feec4596d89aec22",
"type": "function",
"z": "44c6d68e5650c5c2",
"g": "138ad8a6a29acecd",
"name": "function 10",
"func": "msg.payload = {\n pages: {\n show: ['adminPage1','adminPage2'],\n hide: ['worldmap','guestPage1']\n \n }\n}\nnode.warn(`User: ${msg._client?.user?.role || 'Unknown User'}`);\nreturn msg;",
"outputs": 1,
"timeout": 0,
"noerr": 0,
"initialize": "",
"finalize": "",
"libs": [],
"x": 440,
"y": 360,
"wires": [
[
"36ca7d3ee6b93471"
]
]
},
{
"id": "cde67a88e039f2ca",
"type": "ui-control",
"z": "44c6d68e5650c5c2",
"g": "138ad8a6a29acecd",
"name": "",
"ui": "64fc71361e24a0d0",
"events": "change",
"x": 600,
"y": 460,
"wires": [
[]
]
},
{
"id": "6e3852bc45039c45",
"type": "function",
"z": "44c6d68e5650c5c2",
"g": "138ad8a6a29acecd",
"name": "function 11",
"func": "msg.payload = {\n pages: {\n hide: ['adminPage2','adminPage1','worldmap'],\n show: ['guestPage1'],\n }\n // groups: {\n // hide: ['gauge:chart']\n // }\n}\nreturn msg;",
"outputs": 1,
"timeout": 0,
"noerr": 0,
"initialize": "",
"finalize": "",
"libs": [],
"x": 440,
"y": 460,
"wires": [
[
"cde67a88e039f2ca"
]
]
},
{
"id": "96c3d1b662878c8d",
"type": "comment",
"z": "44c6d68e5650c5c2",
"g": "e040aee0b6949a8a",
"name": "admin users page",
"info": "",
"x": 170,
"y": 60,
"wires": []
},
{
"id": "3c63073a635baecc",
"type": "ui-tabulator",
"z": "44c6d68e5650c5c2",
"g": "424b2fd05d77fc17",
"name": "guest page1 Tabulator",
"group": "34a76b9c36182457",
"initObj": "{\n \"height\": 200,\n \"layout\": \"fitColumns\",\n \"columns\": [\n {\"field\":\"id\",\"visible\":false},\n {\"title\":\"Name\",\"field\":\"name\",\"width\":200,\"hozAlign\":\"left\"},\n {\"title\":\"Age\",\"field\":\"age\",\"width\": 100,\"hozAlign\":\"center\"}\n ],\n \"data\": [\n {\"id\":1,\"name\":\"John Brown\", \"age\":30},\n {\"id\":2,\"name\":\"Betty Clark\", \"age\":25}\n ]\n}",
"maxWidth": "",
"events": "",
"order": 1,
"multiUser": false,
"validateRowIds": false,
"themeCSS": "",
"themeFile": "",
"tblDivId": "",
"printToLog": false,
"width": 0,
"height": 0,
"x": 480,
"y": 100,
"wires": [
[]
]
},
{
"id": "72285daacd9dcc25",
"type": "comment",
"z": "44c6d68e5650c5c2",
"g": "424b2fd05d77fc17",
"name": "guest users page",
"info": "",
"x": 480,
"y": 60,
"wires": []
},
{
"id": "f3e6c8d6a9fe95d1",
"type": "ui-group",
"name": "adminpage1",
"page": "5e3e6637ee3ae563",
"width": "6",
"height": "1",
"order": 1,
"showTitle": true,
"className": "",
"visible": "true",
"disabled": "false",
"groupType": "default"
},
{
"id": "7ee2c4852193c3a2",
"type": "ui-group",
"name": "adminpage2",
"page": "56fd9e21f25d5f67",
"width": "6",
"height": "1",
"order": 1,
"showTitle": false,
"className": "",
"visible": "true",
"disabled": "false",
"groupType": "default"
},
{
"id": "64fc71361e24a0d0",
"type": "ui-base",
"name": "",
"path": "/dashboard",
"appIcon": "",
"includeClientData": true,
"acceptsClientConfig": [
"ui-iframe",
"ui-control",
"ui-template",
"ui-gauge",
"ui-chart",
"ui-slider",
"ui-form",
"ui-text-input",
"ui-number-input",
"ui-file-input",
"ui-button",
"ui-button-group",
"ui-dropdown",
"ui-radio-group",
"ui-switch",
"ui-text",
"ui-chart",
"ui-form",
"ui-number-input",
"ui-switch",
"ui-table",
"ui-gauge",
"ui-markdown",
"ui-iframe",
"ui-tabulator",
"ui-radio-group",
"ui-dropdown",
"ui-button-group",
"ui-file-input"
],
"showPathInSidebar": false,
"showPageTitle": false,
"navigationStyle": "icon",
"titleBarStyle": "fixed"
},
{
"id": "34a76b9c36182457",
"type": "ui-group",
"name": "guestpage1",
"page": "4ce66a287985f7a7",
"width": "6",
"height": "1",
"order": 1,
"showTitle": true,
"className": "",
"visible": "true",
"disabled": "false",
"groupType": "default"
},
{
"id": "5e3e6637ee3ae563",
"type": "ui-page",
"name": "adminPage1",
"ui": "64fc71361e24a0d0",
"path": "/admin-page1",
"icon": "home",
"layout": "grid",
"theme": "default",
"breakpoints": [
{
"name": "Default",
"px": "0",
"cols": "3"
},
{
"name": "Tablet",
"px": "576",
"cols": "6"
},
{
"name": "Small Desktop",
"px": "768",
"cols": "9"
},
{
"name": "Desktop",
"px": "1024",
"cols": "12"
}
],
"order": 3,
"className": "",
"visible": "true",
"disabled": "false"
},
{
"id": "56fd9e21f25d5f67",
"type": "ui-page",
"name": "adminPage2",
"ui": "64fc71361e24a0d0",
"path": "/admin-page2",
"icon": "home",
"layout": "grid",
"theme": "default",
"breakpoints": [
{
"name": "Default",
"px": "0",
"cols": "3"
},
{
"name": "Tablet",
"px": "576",
"cols": "6"
},
{
"name": "Small Desktop",
"px": "768",
"cols": "9"
},
{
"name": "Desktop",
"px": "1024",
"cols": "12"
}
],
"order": 4,
"className": "",
"visible": "true",
"disabled": "false"
},
{
"id": "4ce66a287985f7a7",
"type": "ui-page",
"name": "guestPage1",
"ui": "64fc71361e24a0d0",
"path": "/guest-page1",
"icon": "home",
"layout": "grid",
"theme": "default",
"breakpoints": [
{
"name": "Default",
"px": "0",
"cols": "3"
},
{
"name": "Tablet",
"px": "576",
"cols": "6"
},
{
"name": "Small Desktop",
"px": "768",
"cols": "9"
},
{
"name": "Desktop",
"px": "1024",
"cols": "12"
}
],
"order": 2,
"className": "",
"visible": true,
"disabled": false
}
]