How to think about an application with an admin panel?

S

Skrolea2016-10-20 07:41:41

Node.js

Skrolea, 2016-10-20 07:41:41

Good afternoon. I am making an application with Angular2 and node.js. With the front, everything is clear. This is a standalone application that queries the backend using REST. The issue is in the server side. On the site.ru domain, I post the front. On a subdomain, say, api.site.ru, I post the server part. I make the admin panel in the same place, on api.site.ru, but since I certainly don’t want it to be possible to enter it from the frontend part, I have to somehow close its own api for authorization and other things. After all, express will also implement an API there, theoretically, for which everyone can make a request. How to "close use" of the admin API and leave only those for the frontend. Sorry if the question is not very good, but some kind of dumb thing since the morning (well, I have a morning)

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

R

Rsa97, 2016-10-20
@Rsa97

Add user rights to your system. There are admin rights - requests to the administration api work, no rights - they return a message or an error.