Answer the question
In order to leave comments, you need to log in
A
A
Alexey2018-09-27 13:15:08
Alexey, 2018-09-27 13:15:08
What approaches do you use to generate a template with different access rights?
How clumsy is the data? Is this solution safe?
- There are several tables in the database with levels and access rights (Access Control List), respectively, we get a combined access key;
- We use express-session to store information about the user, name / access key, etc .;
- In the required routes, we pass this key res.render('index', key : session.key});
- We form the template based on the received key and give it to the user.
1 answer(s)
@Abcdefgk
A
Abcdefgk, 2018-09-27 @Abcdefgk
In fact, by default, the "key" of the user's role is written to res.locals in the request handler, and the template itself provides options for different roles, which - depending on the role (access rights) - are given for generation based on a simple check like if ( key == 'Admin')...
Actually, this is the same as res.render('index', {key : session.key}); , only "correct".
Similar questions
N
D
W
whatever732015-03-29 17:36:06
How to find all cycles in undirected graph by adjacency matrix?
2Reply
G
F
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question