Im working on a project to implement the login and have role and permission check using API (PHP 5 and MySQL, no framework).
So users can only access to specific sub folder, let say user A and B can only access to http://ift.tt/2u6ymZg and other user C and D can only access to http://ift.tt/2sNYeFw...
And I need the roles and permissions to be checked on every request before accessing the resources (e.g. staff cannot access to the http://ift.tt/2u6xyUo folder...)
Becoz the current source code is a bit hard to refactor, so im looking at the solution to setup a new server for handling the login process (using Laravel, JWT and Dingo) and from here, I can check the user roles and permissions using laratrust library.
However, by doing this approach, I have to pass the token and have the roles and permissions check on every single pages. Im afraid that may slow down the response.
So what is the best practice for this scenario?
Thanks
from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/2u6T3EF
via IFTTT
Aucun commentaire:
Enregistrer un commentaire