Gerardo Andrés Ruiz Castillo

Posted on • Originally published at geanruca.gitvlg.com

Securing Dashboard Access with LinkedIn Authentication

To enhance the security of the devlog-ist/landing project, a new feature requires users to connect their LinkedIn accounts before they can access the dashboard. This measure provides a higher level of user verification and a more professional, authenticated experience.

The Challenge

Previously, the dashboard was accessible with standard email/password authentication. To improve security and user authenticity, we needed a way to verify users' professional identities.

The Solution

We implemented a new Filament authentication middleware that checks for a valid LinkedIn connection. Users without a connected LinkedIn account are redirected to a benefits page where they can connect their account.

Here's a simplified example of how the middleware might look in Go:

package main

import "fmt"

// User carries the two flags the access check needs.
type User struct {
	LinkedInConnected bool
	IsSuperAdmin      bool
}

// checkLinkedIn reports whether the user may enter the dashboard.
func checkLinkedIn(user User) bool {
	// Skip the LinkedIn check for super admins
	if user.IsSuperAdmin {
		return true
	}

	return user.LinkedInConnected
}

func main() {
	user := User{LinkedInConnected: false, IsSuperAdmin: false}

	if checkLinkedIn(user) {
		fmt.Println("Access granted")
	} else {
		fmt.Println("Access denied. Connect LinkedIn.")
	}
}

This Go example illustrates the basic logic: it checks whether a user has a LinkedIn connection and grants or denies access accordingly. Super admins bypass the check.

Additional Features

  • Super Admin Bypass: Super administrators are exempt from the LinkedIn connection requirement.
  • Impersonation Bypass: Users who are being impersonated also bypass the requirement, allowing support staff to access accounts without needing LinkedIn connections.
  • Localization: The redirection page and related messages are translated into 10 languages.
  • DRY Principle: A ChecksSuperAdminImpersonation trait was extracted to avoid duplicating the bypass logic.
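The following is an added example, not code from the devlog-ist/landing project, that turns the check above into an HTTP middleware and folds in the bypasses from this list: super admins and impersonated sessions pass, everyone else needs a connected LinkedIn account or is redirected to the benefits page. The Impersonated field, the WithUser context helper and the /linkedin/benefits path are assumptions; the middleware also rejects a request that carries no authenticated user instead of failing open, a case the simplified snippet does not cover.

```go
package main

import (
	"context"
	"net/http"
)

// User holds the fields the dashboard gate needs. Impersonated is an
// assumption: it marks a session where support staff act as this user.
type User struct {
	LinkedInConnected bool
	IsSuperAdmin      bool
	Impersonated      bool
}

type ctxKey struct{}

// WithUser stores the authenticated user in the request context
// (assumed to be done by an earlier authentication middleware).
func WithUser(ctx context.Context, u User) context.Context {
	return context.WithValue(ctx, ctxKey{}, u)
}

// BenefitsPath is the assumed path of the "connect LinkedIn" page.
const BenefitsPath = "/linkedin/benefits"

// RequireLinkedIn lets super admins and impersonated sessions through,
// requires LinkedIn for everyone else, and rejects requests that carry
// no authenticated user instead of failing open.
func RequireLinkedIn(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		u, ok := r.Context().Value(ctxKey{}).(User)
		if !ok {
			http.Error(w, "unauthenticated", http.StatusUnauthorized)
			return
		}
		if u.IsSuperAdmin || u.Impersonated || u.LinkedInConnected {
			next.ServeHTTP(w, r)
			return
		}
		http.Redirect(w, r, BenefitsPath, http.StatusSeeOther)
	})
}

func main() {
	dash := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Write([]byte("dashboard\n")) })
	http.Handle("/dashboard", RequireLinkedIn(dash))
	http.ListenAndServe(":8080", nil)
}
```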

The Outcome

By requiring LinkedIn connections, we've significantly enhanced the security and authenticity of our dashboard users. This added layer of verification ensures a more professional and trustworthy environment.

Actionable Takeaway

Consider implementing multi-factor authentication or social authentication (like LinkedIn) to increase the security and verification of your application's users. Always provide bypass mechanisms for administrative accounts and ensure proper localization for a global audience.
