API
chincharovpc, 2019-12-03 18:41:07

How to organize API for different roles?

There are two roles:
- Admin
- Manager, reports to the admin

Only the admin has access to the Admin page.
Admin and Manager have access to the Manager page.
If the manager requests data via the API, then I look at the token and return it, but what if the admin requests data on the manager's page?
How to organize on the server side?

1 answer(s)
Ivan Shumov, 2019-12-03
@inoise

The API should not know anything about your mythical roles in the system. A role is simply a way to group permissions in a system and bind them to a user. The token should contain information about them, and not about the roles. That's all. Mystery solved.
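A sketch of the permission-based approach described in the answer, added here as an example and not code from the question or the answer: roles are expanded into permissions when the token is issued, and each endpoint checks only for the permission it needs. The permission names, endpoint paths, signing key and token format are assumptions made for the illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"demo-signing-key"  # constructed key, for this example only

# Roles exist only at token-issuing time, as named groups of permissions.
ROLE_PERMISSIONS = {
    "admin": {"admin_page:read", "manager_page:read"},
    "manager": {"manager_page:read"},
}

# Each endpoint names the permission it needs; it never mentions a role.
ENDPOINT_PERMISSION = {
    "/api/admin/data": "admin_page:read",
    "/api/manager/data": "manager_page:read",
}

def _sign(payload: bytes) -> str:
    return hmac.new(SECRET, payload, hashlib.sha256).hexdigest()

def issue_token(user: str, role: str) -> str:
    """Expand the role into permissions and sign the resulting claims."""
    claims = {"sub": user, "perms": sorted(ROLE_PERMISSIONS[role])}
    payload = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return payload.decode() + "." + _sign(payload)

def verify_token(token: str):
    """Return the claims if the signature is valid, otherwise None."""
    payload, _, sig = token.partition(".")
    expected = _sign(payload.encode())
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return None
    try:
        return json.loads(base64.urlsafe_b64decode(payload))
    except ValueError:  # malformed base64 or JSON
        return None

def handle(path: str, token: str) -> int:
    """Return an HTTP-style status for a request to `path` with `token`."""
    required = ENDPOINT_PERMISSION.get(path)
    if required is None:
        return 404
    claims = verify_token(token)
    if claims is None:
        return 401  # missing, malformed or tampered token
    if required not in claims.get("perms", []):
        return 403  # authenticated, but lacks the permission
    return 200
```

The admin's request to the manager page succeeds because the admin's token carries `manager_page:read`, so the handler needs no special case for "admin on the manager's page".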
