HiI'm looking for a library/libraries to handle authorization. I've a found a couple like "permissions" but none really do exactly what i what them to.I'm building an API and want to send in a user's role ('user' or 'admin') in the request and then have the authorization check the user's role in the middleware to see if they have access to the specific route they are calling. Not only that I want to change the information passed back to the requester based on their role. For example, say if it is an 'admin' requesting a User object from the API, the API will return the entire User object unchanged. However if it is a 'user' that is making that request I want to return the User object except say without the password field. Silly example I know but I dont have a simpler way of putting it.Is there any library/combination of libraries that will help me with this? Or am I just better of implementing this on my own?Thanks for any help in advance :)
Submitted February 01, 2017 at 03:46PM by DotaSlimz
No comments:
Post a Comment