Answer the question
In order to leave comments, you need to log in
A
A
Anton Shtinov2015-12-30 19:05:28
Anton Shtinov, 2015-12-30 19:05:28
How to set up REST authorization for AngulagJS and Yii2?
Started developing an app. Yii2 backend, front end using angularjs. Since I just started to deal with these frameworks, I don’t really understand what normal solutions already exist. There are a whole bunch of examples of how to use REST and they are all of the same type, but there are few authorization examples and each has its own approach. Here I would like to understand whether there are more or less standard solutions, both from the front and from the back?
And another question arose about access rights, on the back side it’s simple - the user will have rights to certain requests. But what are the standard methods of working with user rights/roles on the front-end? The main thing is not understanding how to control the visibility of different areas on the front. In which direction to dig here?
2 answer(s)
@delimer
Perhaps this is the key phrase. Everyone really has their own approach. Someone does authorization exclusively through Yii and then authentication goes stupidly through cookies, someone uses tokens, someone JWT. Lots of approaches.
The user has rights. This is either a role or a list of actions that he can perform. In a word, everything is about the same as on the backend. Then you can set conditions in templates or something else. For angular, there are several approaches to organizing ACLs. There are a lot of ready-made ones too.
The frontend is not much different from the backend. Remember how you made applications with ordinary molds, etc. Here is the same thing, only now you do not have a "reload", that is, the application lives while the tab is open. Well, as a database, we have some kind of HTTP API. That's the whole difference.
The architecture of the application is about the same. Unless there are nuances. UI needs to be split into independent small components, preferably without their own state, and forwarded to them from above. Well, all that.
S
Sergey, 2015-12-30 @delimer
and everyone has their own way
Perhaps this is the key phrase. Everyone really has their own approach. Someone does authorization exclusively through Yii and then authentication goes stupidly through cookies, someone uses tokens, someone JWT. Lots of approaches.
The user has rights. This is either a role or a list of actions that he can perform. In a word, everything is about the same as on the backend. Then you can set conditions in templates or something else. For angular, there are several approaches to organizing ACLs. There are a lot of ready-made ones too.
The frontend is not much different from the backend. Remember how you made applications with ordinary molds, etc. Here is the same thing, only now you do not have a "reload", that is, the application lives while the tab is open. Well, as a database, we have some kind of HTTP API. That's the whole difference.
The architecture of the application is about the same. Unless there are nuances. UI needs to be split into independent small components, preferably without their own state, and forwarded to them from above. Well, all that.
Similar questions
W
P
A
A
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question