PHP
ravshan selimov, 2020-07-12 17:23:40

How to secure admin login?

Hello.
How can I secure the admin panel?
I haven't done any serious projects before, so I don't know.

I build the front end with React, Redux and react-router.
The server is in PHP; for requests I use PDO.

Now the entrance to the admin panel is implemented as follows:

In the address bar, I add /admin to the path.
There is a login form, ... I check the user status; if it is root or admin, then I change the redux state, setting isAdmin to true.
And that's all: if isAdmin is true, I have access to the admin panel.

I don't think it's worth it, but I don't know how.


2 answer(s)
ThunderCat, 2020-07-12
@ravshan01

ravshan selimov,

isAdmin from redux state

I check authorization on the server,

Store the user's state in the session, not in redux, although you can duplicate it in redux. On each request, check the session for the current state of the logged-in user, and check whether he has the right to access the desired controller / script. For a more confusing login, you can attach some other key to the admin panel, for example /admin?key=666, and check for the presence of this key, otherwise send it to 404.

bitowner, 2020-07-13
@bitowner

Each request to the admin panel on the server must be made through auth middleware, and the authorization token must be checked. Are you using any framework for php?
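
The per-request check that both answers describe, as an added example that is not from the original thread: the role is written to the PHP session at login and every admin script calls a guard before doing any work, so the redux `isAdmin` flag only decides what the UI shows. The `users` table, its columns, the function names and the HTTPS assumption are all assumptions of this sketch.

```php
<?php
declare(strict_types=1);
// Added example; table, column and function names are assumptions.
const ADMIN_ROLES = ['root', 'admin'];

// Login endpoint: verify credentials via PDO, then record the result server-side.
function login(PDO $pdo, string $name, string $password): bool
{
    $stmt = $pdo->prepare('SELECT id, role, password_hash FROM users WHERE name = ?');
    $stmt->execute([$name]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($user === false || !password_verify($password, $user['password_hash'])) {
        return false;
    }
    session_regenerate_id(true);              // fresh session id after login
    $_SESSION['user_id'] = (int) $user['id'];
    $_SESSION['role'] = $user['role'];
    return true;
}

// Decide from the session only, never from anything the client sends.
// Returns the HTTP status the request should get: 200, 401 or 403.
function adminAccessStatus(array $session): int
{
    if (!isset($session['user_id'])) {
        return 401;                           // not logged in
    }
    return in_array($session['role'] ?? '', ADMIN_ROLES, true) ? 200 : 403;
}

// Guard called by every admin endpoint before it touches any data.
function requireAdmin(): void
{
    $status = adminAccessStatus($_SESSION ?? []);
    if ($status !== 200) {
        http_response_code($status);
        header('Content-Type: application/json');
        echo json_encode(['error' => $status === 401 ? 'login required' : 'forbidden']);
        exit;
    }
}

// Top of every admin script (cookie_secure assumes the site is served over HTTPS).
session_start(['cookie_httponly' => true, 'cookie_secure' => true, 'cookie_samesite' => 'Lax']);
requireAdmin();
// ... admin-only PDO queries go here ...
```

The React client can treat a 401 or 403 response from any admin request as the signal to reset `isAdmin` and show the login form.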
