-
-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What is the right way to set deny function? #16
Comments
There was an echo example, until the echo package was changed by the echo developers, so that I had to rewrite the example. I'm not sure if the old code is helpful for the latest version of echo, but it is here: 9221b1e#diff-04c6e90faac2675aa89e2176d2eec7d8L629 The main idea is to reject by just returning without serving any further content to the client, except perhaps an error page. |
Thanks for the reply. |
Yes, by default, a user must be logged in as admin before being able to access URLs starting with This is covered here: https://github.com/xyproto/permissions2#default-permissions I could change the wording from "has admin rights" to "requires admin rights" and move that block of text to above the top of README.md, if that would be clearer? |
That is clearer now. Much appreciations. |
I think i may have closed this too early. I had an idea on how i would create my admin but i think i might have to change that now. I already implemented a regular user signup and login. |
One possible flow is this:
The possibilities are endless! :) I am in the process of brushing up an old register + login application I created before I started developing on Algernon instead, where the same things can be done as in Go, but in Lua. The nice thing about using Go + Go packages is that it feels more modular and "bottom up", though. |
I am doing my admin module now and i can't seem to figure this part out. On the examples i see you check
if perm.Rejected(w, req)
but i don't seem to know how to set the rejected part.Lets say i just checked
userstate.IsAdmin("bob")
and it isfalse
. How do i deny here and use middleware to check that.I am using echo but a good example should work too in any of those frameworks.
The text was updated successfully, but these errors were encountered: