You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Setup "user" database (we will rename it from customers, since we are using a role based authorization model with roles "admin", "internal" and "customer").
replace 'customer' with 'user'
update seeders to use password hash and user roles
Setup Authentication Routes and Actions/Services
Setup Session middleware to authorize frontend routes, such as customer/admin routes
Auth Specification:
Authentication will be based on Username and Password.
Authorization will be based on Role-Based Access Control (RBAC), see SlimBook Vol.3, p. 55.
We will use different authorization implementations, depending on the route types:
Session based authorization for front-end routes, such as user pages.
JWT stateless authorization for protected API routes.
The text was updated successfully, but these errors were encountered: