I would like to know how to create proper role-based redirect rules using the netlify.toml file.
Right now I have added a function to mark every user on my site with a role called ‘user’. This is to identify these users as registered and properly logged in (the registration on the site will be invite-only).
In my netlify.toml I have the following:
[[redirects]]
from = "/userdoc/*"
to = "/"
status = 200
force = true # COMMENT: ensure that we always redirect
conditions = {Role != ["user"]}
[[redirects]]
from = "/dev/*"
to = "/"
status = 200
force = true # COMMENT: ensure that we always redirect
conditions = {Role != ["user"]}
…which is obviously NOT what I need, since with this syntax Netlify doesn’t even build the site.
So the question is - how to write the proper set of rules via netlify.toml that would make everything at the /userdoc and /dev sections accessible only to the visitors with user role?
Oh, and the second one - how to properly set to in these rules to return to the site index page? Cause right now the “/” in to sends me to the 404 page for some reason.
[[redirects]]
from = "/userdoc/*"
force = true
status = 200
conditions = {Role = ["user"]}
[[redirects]]
from = "/userdoc/*"
to = "/"
force = true
status = 302
The above is only for one page so we have to repeat the process again for your dev page.
[[redirects]]
from = "/dev/*"
force = true
status = 200
conditions = {Role = ["user"]}
[[redirects]]
from = "/dev/*"
to = "/"
force = true
status = 302
That should be it, in terms of implementing RBAC into your site. The above should also include redirecting users to the home page that you wanted.
Hope that helps, if it returns an error make sure to come back here… it’s probably a stupid mistake on my part
By the way, I would love to see your function that automatically attaches a role to a user: as of yet I haven’t heard something like that being used.
Thank you for your reply. However, that didn’t work.
It seems that it redirects me to the home regardless of the role with your example.
As to the function, it is an identity-signup.js stored at netlify/functions folder:
exports.handler = function(event, context, callback) {
  const data = JSON.parse(event.body);
  const { user } = data;
  const responseBody = {
    app_metadata: {
      roles: ["user"],
      my_user_info: "Invited site visitor"
    },
    user_metadata: {
      ...user.user_metadata, // append current user metadata
      custom_data_from_function: "Automatically added to user group on sign-up."
    }
  };
  callback(null, {
    statusCode: 200,
    body: JSON.stringify(responseBody)
  });
};
This one has proven to be working, I have tested it with a couple of users already.
I can’t believe that the redirect conditions do not support the NOT logic. But I couldn’t find any example of how to do this. I have also contacted the support, but it seems I will grow a beard earlier than they get to reply.
P.S. I think the redirects do not work because the first rule in the file for the same url counts as the priority. At least they mentioned this in the docs.
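Added example, not part of any post above and not Netlify's code: a simplified JavaScript model of the first-match-wins ordering mentioned in the P.S., applied to the rule pairs from the reply. It assumes a rule whose Role condition is unmet is skipped and that a rule without `to` serves the requested path; `resolve`, `pathMatches` and `conditionsMet` are hypothetical names, and the model says nothing about how the live site reads the visitor's role.

```javascript
// Simplified model of first-match-wins redirect evaluation with Role conditions.
// Rule objects mirror the netlify.toml keys used on this page; this is not Netlify's engine.

// Rules from the reply: role-gated pass-through first, unconditional redirect second.
const rules = [
  { from: "/userdoc/*", status: 200, force: true, conditions: { Role: ["user"] } },
  { from: "/userdoc/*", to: "/", status: 302, force: true },
  { from: "/dev/*", status: 200, force: true, conditions: { Role: ["user"] } },
  { from: "/dev/*", to: "/", status: 302, force: true },
];

// "/userdoc/*" matches "/userdoc" itself and every path beneath "/userdoc/" (assumption).
function pathMatches(pattern, path) {
  if (!pattern.endsWith("/*")) return pattern === path;
  const base = pattern.slice(0, -2);
  return path === base || path.startsWith(base + "/");
}

// A rule with a Role condition applies only if the visitor holds one of the listed roles.
function conditionsMet(rule, roles) {
  const wanted = rule.conditions && rule.conditions.Role;
  return !wanted || wanted.some((r) => roles.includes(r));
}

// Walk the rules top to bottom; the first rule whose path and conditions match decides.
function resolve(ruleList, path, appMetadata) {
  const roles = appMetadata && Array.isArray(appMetadata.roles) ? appMetadata.roles : [];
  for (const rule of ruleList) {
    if (pathMatches(rule.from, path) && conditionsMet(rule, roles)) {
      // Assumption: a rule without `to` serves the requested path unchanged.
      return { status: rule.status, target: rule.to || path };
    }
  }
  return { status: 200, target: path }; // no rule matched: path is not gated
}

// Constructed visitors: one carrying the app_metadata the signup function sets, one anonymous.
const member = { roles: ["user"] };
const anonymous = null;
// Same two /userdoc rules in reverse order: the unconditional rule now matches first.
const swapped = [rules[1], rules[0]];

console.log(resolve(rules, "/userdoc/intro", member));
console.log(resolve(rules, "/userdoc/intro", anonymous));
console.log(resolve(swapped, "/userdoc/intro", member));
```

In this model the gate holds only while the role-conditioned rule sits above the unconditional one for the same path; reversing them redirects every visitor, including those with the `user` role.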