Hey guys,
I try to create a market place with Golang that source is available until now on GitHub: https://github.com/mehrdaddolatkhah/market-place
in this service, I have 3 roles: admin, user, and marketer.
now I want to create an Access Level list for this service. how I must do that?
right now my strategy is to create a layer in the rest package and then check the JWT token, that I place userId inside JWT token, and then check the end-point that the user called then check the database with that role, then if the user existed and have access to that end-point data return response. is it a good solution? or people how handle this?
thank you for your advice.
sorry for bad English. I start to learn English in academic and it takes a time to be better
some people introduce this library to me in slack gophers: https://github.com/casbin/casbin
but I don’t want to use the library, I look for a way people handle access for a different role in service. and have some security. I don’t wanna a user to have access to the admin section or any other roles that have access to some section that not related to them. how you guys handle this access between your role in your service?
I suppose that you develop some kind of web application. For applications requesting roles and acces rights I used Gorilla mux with soubrouters and authentication on the middleware.