I tend to handle it this way. The user's authorization data is queried with a REST endpoint (/api/users/me). The main challenge with this approach is knowing what kind of user interaction triggers an authorization data update in order to have new changes as "real time" as possible. Usually, this interaction is related to users navigation in the app menu.
EDIT:
Your driving license analogy is great!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thanks a lot for sharing!
I tend to handle it this way. The user's authorization data is queried with a REST endpoint (/api/users/me). The main challenge with this approach is knowing what kind of user interaction triggers an authorization data update in order to have new changes as "real time" as possible. Usually, this interaction is related to users navigation in the app menu.
EDIT:
Your driving license analogy is great!