MongoDB/Passport admin function

Im currently trying to make a medication refill app where registered users can post requests and i want those information accessible to only selected users including the person that made the request.

Im currently using JWT to generate tokens.
I was wondering if anyone has an idea how to get this started?
So far i can post a json request as a user but the information can be retrieved by any registered user. I want only few selected users to be able to access this

Using this may be of help https://docs.mongodb.com/manual/core/collection-level-access-control/

1 Like