PHP
DoubleDecker, 2020-01-07 18:04:13

What is the best way to secure requests?

Let's say there is an API on the site, and these requests change any data in the database. How can I make it so that only the user can use a certain category of requests, and the administrator can use another category? Right now I just check the value in the session, and the handlers in the scripts do not execute the request if there is not a user / admin in the session. Is that right?


2 answer(s)
dmshar, 2020-01-07
@DoubleDecker

Correct.

Vladimir Korotenko, 2020-01-07
@firedragon

Authentication and refinement of logic depending on the user's belonging to a group.
Something like this:

```
if (User.IsAuthenticated && RoleProvider.IsUserInGroup("ADMIN")) {
    // your code
}
else {
    // access denied
}
```
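
A deny-by-default form of the session check discussed in the question and answers, as an added PHP example that is not code from any of the posters. The action names, the role names and the `user_id` / `role` session keys are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical API actions mapped to the roles allowed to call them.
// An action that is missing from this map is refused.
const ACTION_ROLES = [
    'profile.update' => ['user', 'admin'],
    'comment.create' => ['user', 'admin'],
    'user.ban'       => ['admin'],
    'settings.write' => ['admin'],
];

/**
 * Decide the HTTP status for an action from server-side session data only.
 * 200 = allowed, 401 = not logged in, 403 = logged in but wrong role,
 * 404 = action not in the map (deny by default).
 * The role must be written to the session by the login code on the server,
 * never read from request parameters, headers or client-set cookies.
 */
function authorize(string $action, array $session): int
{
    if (!array_key_exists($action, ACTION_ROLES)) {
        return 404;
    }
    $role = $session['role'] ?? null;
    if (!isset($session['user_id']) || !is_string($role)) {
        return 401;
    }
    return in_array($role, ACTION_ROLES[$action], true) ? 200 : 403;
}

// Constructed sample sessions standing in for $_SESSION after session_start().
$samples = [
    ['user.ban',       []],
    ['user.ban',       ['user_id' => 7, 'role' => 'user']],
    ['user.ban',       ['user_id' => 1, 'role' => 'admin']],
    ['profile.update', ['user_id' => 7, 'role' => 'user']],
    ['db.drop',        ['user_id' => 1, 'role' => 'admin']],
];
foreach ($samples as [$action, $session]) {
    printf("%-15s role=%-6s -> %d\n", $action, $session['role'] ?? '-', authorize($action, $session));
}
```

In a real handler, call `authorize($action, $_SESSION)` in one place before any database code runs and stop with `http_response_code()` on anything other than 200, so that a newly added script cannot skip the check.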
