Implementing Impersonation

Jamie Lawrence on September 29, 2018

The ability to log in as one of your users is one of the highest value features you can develop to support your customers. The ability to log in a... [Read Full]
markdown guide
 

Nice article Jamie!

It got me hooked up because I have developed the same feature very recently.

The reason I did it was because it was much easier to do it this way than to have a special way for the admin to do it with separate backend functions.

I probably wouldn't have if the budget was higher...

 

This article emphasizes one important concept: Security by design. You can’t simply add some library or enable some flags later on after implementing a system without security in mind.
One interesting takeaway for me was to use a separate models for Admin and User. Most often I saw implementations just having a flag or more permissions.

code of conduct - report abuse