Dynamic route level of security

n_oandasan · May 23, 2018, 6:35am

Hello guys, I’m doubt if go lang can support dynamic routes.
I have two users on my database. In one user “user1” i assign to access dashboard and administrator by displaying in template the access link of dashboard and administrator like shown bellow.

aaa

The “user2” is assign to access dashboard.

Now, when i log-in using the “user2” im still able to access the administrator by typing Administrator on the address bar because Administrator is still on the main func, which is i don’t want for user2 to access.

fff

How to handle like this scenario. Thanks in Advance.

matiasb · May 23, 2018, 7:00am

Which authentication mechanism are you using at the moment? You should use a middleware and implement some kind of ACL in order to prevent users accessing forbidden routes.
Check this post and inspect the way withLogging and withTracing are implemented.

n_oandasan · May 23, 2018, 7:06am

Thanks, Im using database authentication.

n_oandasan · May 23, 2018, 8:11am

@matiasb i got it yeah… thanks bro

matiasb · May 23, 2018, 8:20am

Cool, no problem!

system · August 21, 2018, 8:20am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.