Node.js / NestJS

Authorization & RBAC

Role-based access control, custom guards, decorators, permissions, resource ownership

20 câu hỏi phỏng vấn·
Mid-Level
1

What is RBAC (Role-Based Access Control)?

Câu trả lời

RBAC is an access control system that grants permissions to users based on their roles. Instead of managing permissions individually for each user, RBAC groups permissions into roles (e.g., ADMIN, USER, MANAGER) and assigns these roles to users. This simplifies access management in applications, particularly useful in NestJS with custom guards and metadata decorators.

2

What is the difference between authentication and authorization?

Câu trả lời

Authentication verifies the user's identity (who are you?), typically via login/password or JWT token. Authorization verifies the user's permissions (what can you do?), controlling access to resources based on roles or permissions. In NestJS, authentication often uses JwtAuthGuard, while authorization uses custom guards like RolesGuard to check access rights.

3

Which NestJS decorator allows creating a custom guard?

Câu trả lời

To create a custom guard in NestJS, create a class decorated with @Injectable() that implements the CanActivate interface. This interface requires the canActivate(context: ExecutionContext) method that returns a boolean or Promise. The guard can then be applied to routes with @UseGuards(). This architecture allows injecting dependencies (services, repositories) into the guard to perform complex validations.

4

In RBAC, what does a 'permission' represent?

5

How to attach a guard to a controller in NestJS?

+17 câu hỏi phỏng vấn

Các chủ đề phỏng vấn Node.js / NestJS khác

Node.js Fundamentals

Junior
20 câu hỏi

Node.js Core APIs

Junior
25 câu hỏi

Asynchronous Programming

Junior
25 câu hỏi

Express.js Basics

Junior
20 câu hỏi

NestJS Fundamentals

Junior
23 câu hỏi

REST API Design

Junior
20 câu hỏi

Validation & DTO

Junior
20 câu hỏi

API Documentation & Contracts

Junior
20 câu hỏi

Error Handling

Junior
20 câu hỏi

Unit Testing

Junior
20 câu hỏi

Task Scheduling

Junior
15 câu hỏi

NestJS Modules & DI

Mid-Level
20 câu hỏi

Configuration & Environment Management

Mid-Level
20 câu hỏi

JWT Authentication

Mid-Level
25 câu hỏi

Database with TypeORM

Mid-Level
30 câu hỏi

Prisma ORM

Mid-Level
25 câu hỏi

Middleware & Interceptors

Mid-Level
20 câu hỏi

File Upload

Mid-Level
15 câu hỏi

WebSockets

Mid-Level
20 câu hỏi

GraphQL with NestJS

Mid-Level
25 câu hỏi

End-to-End Testing

Mid-Level
20 câu hỏi

Caching with Redis

Mid-Level
20 câu hỏi

Queues with Bull

Mid-Level
20 câu hỏi

DevOps, Logging & CI/CD

Mid-Level
25 câu hỏi

Docker & Containerization

Mid-Level
25 câu hỏi

Microservices

Senior
30 câu hỏi

Security Best Practices

Senior
25 câu hỏi

Performance & Cloud Deployment

Senior
30 câu hỏi

Nắm vững Node.js / NestJS cho lần phỏng vấn tiếp theo

Truy cập tất cả câu hỏi, flashcards, bài kiểm tra kỹ thuật, bài tập code review và mô phỏng phỏng vấn.

Bắt đầu miễn phí