Implementing Role-Based Authentication in MEAN Stack

 In modern web applications, controlling access to resources based on user roles is essential for security and proper user management. Role-based authentication allows you to assign different permissions to users like admins, editors, or general users. In a MEAN stack application—MongoDB, Express.js, Angular, and Node.js—implementing role-based authentication ensures that only authorized users can access specific routes or perform sensitive actions.

1️⃣ Define User Roles in MongoDB

The first step is to add a role field in your User schema. This field will store each user’s role, which determines their level of access. For example, using Mongoose:

const userSchema = new mongoose.Schema({

  username: String,

  password: String,

  role: { type: String, enum: ['admin', 'editor', 'user'], default: 'user' }

});

Here, you define three roles: admin, editor, and user, with user as the default.

2️⃣ Generate JWT with Role Information

When a user logs in successfully, issue a JSON Web Token (JWT) that includes their role information. This allows you to identify and authorize the user with each request.

const token = jwt.sign(

  { id: user._id, role: user.role },

  process.env.JWT_SECRET,

  { expiresIn: '1h' }

);

This token will be sent to the client and included in future requests for authorization.

3️⃣ Create Role-Based Middleware in Express

To protect backend routes, write middleware that checks both authentication and the user’s role. This middleware ensures only users with allowed roles can access certain routes:

function authorizeRoles(...allowedRoles) {

  return (req, res, next) => {

    const userRole = req.user.role;

    if (!allowedRoles.includes(userRole)) {

      return res.status(403).json({ message: 'Access denied' });

    }

    next();

  };

}

// Example: only admins can access this route

app.get('/admin/dashboard', authorizeRoles('admin'), (req, res) => {

  res.send('Admin Dashboard');

});

4️⃣ Secure Routes in Angular with Guards

On the frontend, use Angular’s route guards to improve user experience by preventing unauthorized navigation. The guard checks the user’s role before allowing access to certain routes:

canActivate(): boolean {

  const userRole = localStorage.getItem('role');

  if (userRole === 'admin') return true;

  this.router.navigate(['/unauthorized']);

  return false;

}

Although Angular guards restrict the UI, never rely on frontend checks for security—always validate roles on the backend.

5️⃣ Benefits of Role-Based Authentication

✅ Ensures sensitive features are protected

✅ Provides a scalable way to manage user permissions

✅ Improves user experience by showing relevant content

✅ Strengthens application security

🚀 Conclusion

Role-based authentication in the MEAN stack gives you precise control over who can do what in your app. By combining role definitions in MongoDB, JWT-based authentication in Node/Express, and route guards in Angular, you can build a secure and professional-grade web application.

Learn MEAN Stack Training Course

Read more: 

MongoDB Aggregation Framework for Beginners

MEAN Stack Interview Questions and Answers

Building a Blog App Using MEAN Stack

Creating a Chat Application with MEAN Stack

Visit Quality Thought Training Institute
Get Direction


Comments

Post a Comment

Popular posts from this blog

DevOps vs Agile: Key Differences Explained

 In the modern software development landscape, DevOps and Agile are two dominant methodologies that aim to deliver high-quality software efficiently and reliably. While they share common goals—such as faster releases, improved collaboration, and continuous improvement—they are not the same. This blog explains the key differences between DevOps and Agile, their core principles, and how they complement each other. Definition and Focus Agile is a software development methodology focused on iterative development, where requirements and solutions evolve through collaboration between cross-functional teams. Agile emphasizes adaptability, customer feedback, and working software delivered in small, frequent iterations (sprints). DevOps, on the other hand, is a software delivery approach that bridges the gap between development and operations teams. It emphasizes automation, continuous integration/continuous delivery (CI/CD), monitoring, and collaboration to achieve faster, more reliable so...
Read more

Regression Analysis in Python

Regression analysis is one of the most widely used statistical techniques in data science and machine learning. It helps us understand relationships between variables and make predictions. In this blog, we’ll walk through the basics of regression analysis using Python and its popular libraries. 🔍 What is Regression Analysis? Regression analysis is a predictive modeling technique used to examine the relationship between a dependent (target) variable and one or more independent (predictor) variables. The most common type is linear regression, which assumes a linear relationship between variables. For example, predicting house prices based on area, location, and number of bedrooms is a regression problem. 🛠 Libraries Required Before we start, install the required Python libraries: pip install numpy pandas matplotlib seaborn scikit-learn Now, let's import them: import numpy as np import pandas as pd import matplotlib.pyplot as plt import seaborn as sns from sklearn.linear_model impor...
Read more

Tosca Installation Guide for Beginners

 Tosca by Tricentis is a powerful test automation tool widely used for functional and regression testing. Known for its model-based testing approach, Tosca enables both technical and non-technical users to automate complex test cases with ease. If you're new to Tosca, installing it correctly is the first step toward harnessing its full potential. This guide walks you through the installation process in a simple, step-by-step manner. System Requirements Before you begin the installation, ensure your system meets the following requirements: Operating System: Windows 10 or later (64-bit) RAM: Minimum 8 GB (16 GB recommended) Processor: Intel i5 or higher Disk Space: At least 10 GB free space .NET Framework: Version 4.8 or later Step-by-Step Tosca Installation Step 1: Get the Installer Visit the official Tricentis website and register for an account. After logging in, navigate to the Downloads section and select the latest version of Tosca. Download the full installer (usually in .exe ...
Read more